Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-38494

Опубликовано: 28 июл. 2025
Источник: redhat
CVSS3: 7

Описание

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelAffected
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelAffected
Red Hat Enterprise Linux 7kernel-rtAffected
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2383905kernel: HID: core: do not bypass hid_hw_raw_request

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-38494

ubuntu
29 дней назад

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

nvd логотип

CVE-2025-38494

nvd
29 дней назад

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

debian логотип

CVE-2025-38494

debian
29 дней назад

In the Linux kernel, the following vulnerability has been resolved: H ...

github логотип

GHSA-9ww5-wgf4-8cfm

github
29 дней назад

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

suse-cvrf логотип

SUSE-SU-2025:02944-1

suse-cvrf
5 дней назад

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7)

7 High

CVSS3