
CVE-2025-38494

In the Linux kernel, the following vulnerability has been resolved:

HID: core: do not bypass hid_hw_raw_request

hid_hw_raw_request() is actually useful to ensure the provided buffer
and length are valid. Directly calling in the low level transport driver
function bypassed those checks and allowed invalid parameters to be used.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Version < dd8e8314f2ce225dade5248dcfb9e2ac0edda624
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < 40e25aa7e4e0f2440c73a683ee448e41c7c344ed
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < f10923b8d32a473b229477b63f23bbd72b1e9910
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < a62a895edb2bfebffa865b5129a66e3b4287f34f
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < d18f63e848840100dbc351a82e7042eac5a28cf5
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < 19d1314d46c0d8a5c08ab53ddeb62280c77698c0
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Version < c2ca42f190b6714d6c481dfd3d9b62ea091c946b
Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status affected
Vendor: Linux
Product: Linux
Default status: affected
Version <= 5.4.*
Version 5.4.297
Status unaffected
Version <= 5.10.*
Version 5.10.241
Status unaffected
Version <= 5.15.*
Version 5.15.190
Status unaffected
Version <= 6.1.*
Version 6.1.147
Status unaffected
Version <= 6.6.*
Version 6.6.100
Status unaffected
Version <= 6.12.*
Version 6.12.40
Status unaffected
Version <= 6.15.*
Version 6.15.8
Status unaffected
Version <= *
Version 6.16
Status unaffected
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS metrics
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.103
CVSS metrics
Source Base Score Exploit Score Impact Score Vector String