-

CVE-2025-38494

EPSS 0.04%
Published 28.07.2025 11:22:03
Last modified 28.08.2025 15:15:50
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

HID: core: do not bypass hid_hw_raw_request

hid_hw_raw_request() is actually useful to ensure the provided buffer
and length are valid. Directly calling in the low level transport driver
function bypassed those checks and allowed invalid paramto be used.

Affected products Warnungen 0 Metrics 1 CWE 0 References 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < dd8e8314f2ce225dade5248dcfb9e2ac0edda624

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 40e25aa7e4e0f2440c73a683ee448e41c7c344ed

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < f10923b8d32a473b229477b63f23bbd72b1e9910

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < a62a895edb2bfebffa865b5129a66e3b4287f34f

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d18f63e848840100dbc351a82e7042eac5a28cf5

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 19d1314d46c0d8a5c08ab53ddeb62280c77698c0

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < c2ca42f190b6714d6c481dfd3d9b62ea091c946b

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version <= 5.4.*

Version 5.4.297

Status unaffected

Version <= 5.10.*

Version 5.10.241

Status unaffected

Version <= 5.15.*

Version 5.15.190

Status unaffected

Version <= 6.1.*

Version 6.1.147

Status unaffected

Version <= 6.6.*

Version 6.6.100

Status unaffected

Version <= 6.12.*

Version 6.12.40

Status unaffected

Version <= 6.15.*

Version 6.15.8

Status unaffected

Version <= *

Version 6.16

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f

https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81

https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5

https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0

https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b

https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed

https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624

https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910

https://nvd.nist.gov/vuln/detail/CVE-2025-38494

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-38494

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-38494

EUVD