Description

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

INFO

Published Date :

2025-07-28T11:22:03.180Z

Last Modified :

2025-07-28T11:22:03.180Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38494 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38494.

URL Resource
https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 cve-icon cve-icon
https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0 cve-icon cve-icon
https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f cve-icon cve-icon
https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b cve-icon cve-icon
https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38494-63e4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38494 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38494 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact