CVE-2025-38495
published 2025-07-28CVE-2025-38495: In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
HID: core: ensure the allocated report buffer can contain the reserved report ID
When the report ID is not used, the low level transport drivers expect
the first byte to be 0. However, currently the allocated buffer not
account for that extra byte, meaning that instead of having 8 guaranteed
bytes for implement to be working, we only have 7.
Affected
38 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.147-1 (bookworm) | linux 6.1.147-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 7228e36c7875e4b035374cf68ca5e44dffa596b2 | 7228e36c7875e4b035374cf68ca5e44dffa596b2 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 9f2892f7233a8f1320fe671d0f95f122191bfbcd | 9f2892f7233a8f1320fe671d0f95f122191bfbcd |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 7fa83d0043370003e9a0b46ab7ae8f53b00fab06 | 7fa83d0043370003e9a0b46ab7ae8f53b00fab06 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < d3ed1d84a84538a39b3eb2055d6a97a936c108f2 | d3ed1d84a84538a39b3eb2055d6a97a936c108f2 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < fcda39a9c5b834346088c14b1374336b079466c1 | fcda39a9c5b834346088c14b1374336b079466c1 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < a262370f385e53ff7470efdcdaf40468e5756717 | a262370f385e53ff7470efdcdaf40468e5756717 |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < a47d9d9895bad9ce0e840a39836f19ca0b2a343a | a47d9d9895bad9ce0e840a39836f19ca0b2a343a |
| linux | linux | >= 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 4f15ee98304b96e164ff2340e1dfd6181c3f42aa | 4f15ee98304b96e164ff2340e1dfd6181c3f42aa |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.244-1 | 5.10.244-1 |
| linux | linux_kernel | >= 0 < 6.1.147-1 | 6.1.147-1 |
| linux | linux_kernel | >= 0 < 6.12.41-1 | 6.12.41-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 5.15.0-163.173 | 5.15.0-163.173 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 3.15 < 5.4.297 | 5.4.297 |
| linux | linux_kernel | >= 5.11 < 5.15.190 | 5.15.190 |
| linux | linux_kernel | >= 5.16 < 6.1.147 | 6.1.147 |
| linux | linux_kernel | >= 5.5 < 5.10.241 | 5.10.241 |
| linux | linux_kernel | >= 6.13 < 6.15.8 | 6.15.8 |
| linux | linux_kernel | >= 6.2 < 6.6.100 | 6.6.100 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM