CVE-2025-38494 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

Reserved 2025-04-16 | Published 2025-07-28 | Updated 2025-07-28 | Assigner Linux

Product status

Default status

unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a62a895edb2bfebffa865b5129a66e3b4287f34f

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before d18f63e848840100dbc351a82e7042eac5a28cf5

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 19d1314d46c0d8a5c08ab53ddeb62280c77698c0

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c2ca42f190b6714d6c481dfd3d9b62ea091c946b

affected

Default status

affected

6.1.147

unaffected

6.6.100

unaffected

6.12.40

unaffected

6.15.8

unaffected

6.16

unaffected

References

git.kernel.org/...c/a62a895edb2bfebffa865b5129a66e3b4287f34f

git.kernel.org/...c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81

git.kernel.org/...c/d18f63e848840100dbc351a82e7042eac5a28cf5

git.kernel.org/...c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0

git.kernel.org/...c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b

cve.org (CVE-2025-38494)

nvd.nist.gov (CVE-2025-38494)

Download JSON