Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-38494
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-28 Jul, 2025 | 11:22
Updated At-02 Jan, 2026 | 15:30
Rejected At-
▼CVE Numbering Authority (CNA)
HID: core: do not bypass hid_hw_raw_request

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-core.c
Default Status
unaffected
Versions
Affected
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before dd8e8314f2ce225dade5248dcfb9e2ac0edda624 (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before 40e25aa7e4e0f2440c73a683ee448e41c7c344ed (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before f10923b8d32a473b229477b63f23bbd72b1e9910 (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before a62a895edb2bfebffa865b5129a66e3b4287f34f (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before 0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before d18f63e848840100dbc351a82e7042eac5a28cf5 (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before 19d1314d46c0d8a5c08ab53ddeb62280c77698c0 (git)
  • From 4fa5a7f76cc7b6ac87f57741edd2b124851d119f before c2ca42f190b6714d6c481dfd3d9b62ea091c946b (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/hid/hid-core.c
Default Status
affected
Versions
Affected
  • 3.15
Unaffected
  • From 0 before 3.15 (semver)
  • From 5.4.297 through 5.4.* (semver)
  • From 5.10.241 through 5.10.* (semver)
  • From 5.15.190 through 5.15.* (semver)
  • From 6.1.147 through 6.1.* (semver)
  • From 6.6.100 through 6.6.* (semver)
  • From 6.12.40 through 6.12.* (semver)
  • From 6.15.8 through 6.15.* (semver)
  • From 6.16 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624
N/A
https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed
N/A
https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910
N/A
https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f
N/A
https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
N/A
https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
N/A
https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0
N/A
https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b
N/A
Hyperlink: https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
N/A
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
Resource: N/A
Details not found