CVE-2025-38494
published 2025-07-28CVE-2025-38494: In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
HID: core: do not bypass hid_hw_raw_request
hid_hw_raw_request() is actually useful to ensure the provided buffer
and length are valid. Directly calling in the low level transport driver
function bypassed those checks and allowed invalid paramto be used.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < dd8e8314f2ce225dade5248dcfb9e2ac0edda624 | dd8e8314f2ce225dade5248dcfb9e2ac0edda624 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 40e25aa7e4e0f2440c73a683ee448e41c7c344ed | 40e25aa7e4e0f2440c73a683ee448e41c7c344ed |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < f10923b8d32a473b229477b63f23bbd72b1e9910 | f10923b8d32a473b229477b63f23bbd72b1e9910 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < a62a895edb2bfebffa865b5129a66e3b4287f34f | a62a895edb2bfebffa865b5129a66e3b4287f34f |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 | 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < d18f63e848840100dbc351a82e7042eac5a28cf5 | d18f63e848840100dbc351a82e7042eac5a28cf5 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 19d1314d46c0d8a5c08ab53ddeb62280c77698c0 | 19d1314d46c0d8a5c08ab53ddeb62280c77698c0 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < c2ca42f190b6714d6c481dfd3d9b62ea091c946b | c2ca42f190b6714d6c481dfd3d9b62ea091c946b |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 3.15 < 5.4.297 | 5.4.297 |
| linux | linux_kernel | >= 5.11 < 5.15.190 | 5.15.190 |
| linux | linux_kernel | >= 5.16 < 6.1.147 | 6.1.147 |
| linux | linux_kernel | >= 5.5 < 5.10.241 | 5.10.241 |
| linux | linux_kernel | >= 6.13 < 6.15.8 | 6.15.8 |
| linux | linux_kernel | >= 6.2 < 6.6.100 | 6.6.100 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH