CVE-2025-38494

high

Description

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

References

https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5

https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b

https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f

https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0

https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81

Details

Source: Mitre, NVD

Published: 2025-07-28

Updated: 2025-07-29

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018