CVE-2025-38494
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
HID: core: do not bypass hid_hw_raw_request
hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < dd8e8314f2ce225dade5248dcfb9e2ac0edda624 | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 40e25aa7e4e0f2440c73a683ee448e41c7c344ed | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < f10923b8d32a473b229477b63f23bbd72b1e9910 | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < a62a895edb2bfebffa865b5129a66e3b4287f34f | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < d18f63e848840100dbc351a82e7042eac5a28cf5 | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 19d1314d46c0d8a5c08ab53ddeb62280c77698c0 | affected |
| Linux | Linux | 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < c2ca42f190b6714d6c481dfd3d9b62ea091c946b | affected |
| Linux | Linux | 3.15 | affected |
| Linux | Linux | 0 < 3.15 | unaffected |
| Linux | Linux | 5.4.297 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.241 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.190 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.147 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.100 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.40 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.8 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
References
- https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624
- https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed
- https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910
- https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f
- https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
- https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
- https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0
- https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.