Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-38495

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 28 июл. 2025
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: nvd
CVSS3: 5.5
EPSS Низкий

ОписаниС

In the Linux kernel, the following vulnerability has been resolved:

HID: core: ensure the allocated report buffer can contain the reserved report ID

When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7.

Бсылки

УязвимыС ΠΊΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΠΈ

ΠšΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΡ 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 3.15 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.4.297 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.5 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.10.241 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.11 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 5.15.190 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 5.16 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.1.147 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.2 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.6.100 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.7 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.12.40 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
ВСрсия ΠΎΡ‚ 6.13 (Π²ΠΊΠ»ΡŽΡ‡Π°Ρ) Π΄ΠΎ 6.15.8 (ΠΈΡΠΊΠ»ΡŽΡ‡Π°Ρ)
cpe:2.3:o:linux:linux_kernel:6.16:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*
ΠšΠΎΠ½Ρ„ΠΈΠ³ΡƒΡ€Π°Ρ†ΠΈΡ 2
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 9%
0.00189
Низкий

5.5 Medium

CVSS3

Π”Π΅Ρ„Π΅ΠΊΡ‚Ρ‹

NVD-CWE-noinfo

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-38495

CVSS3: 5.5
ubuntu
11 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7.

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-38495

CVSS3: 6
redhat
11 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-38495

CVSS3: 7
msrc
10 мСсяцСв Π½Π°Π·Π°Π΄

HID: core: ensure the allocated report buffer can contain the reserved report ID

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2025-38495

CVSS3: 5.5
debian
11 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: H ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-42gx-8xq5-j4pf

CVSS3: 5.5
github
11 мСсяцСв Π½Π°Π·Π°Π΄

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account for that extra byte, meaning that instead of having 8 guaranteed bytes for implement to be working, we only have 7.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 9%
0.00189
Низкий

5.5 Medium

CVSS3

Π”Π΅Ρ„Π΅ΠΊΡ‚Ρ‹

NVD-CWE-noinfo
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2025-38495