CVE-2025-38494 Information
Jul 29, 2025
cve
Description
In the Linux kernel the following vulnerability has been resolved:
HID: core: do not bypass hid_hw_raw_request
hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.
Reference
https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0 https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
Related CNNVD
CNNVD-202507-3452 (Published: 2025-07-28)
Share on: