{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-32776", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-04-10T12:51:12.278Z", "datePublished": "2025-04-15T16:32:20.628Z", "dateUpdated": "2025-11-03T19:53:39.183Z"}, "containers": {"cna": {"title": "OpenRazer Vulnerable to Out of Bounds Read", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/openrazer/openrazer/security/advisories/GHSA-835j-6976-46jx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openrazer/openrazer/security/advisories/GHSA-835j-6976-46jx"}, {"name": "https://github.com/openrazer/openrazer/issues/2433", "tags": ["x_refsource_MISC"], "url": "https://github.com/openrazer/openrazer/issues/2433"}, {"name": "https://github.com/openrazer/openrazer/commit/57610511d2548eda66999eaed5aa4517e89d6d39", "tags": ["x_refsource_MISC"], "url": "https://github.com/openrazer/openrazer/commit/57610511d2548eda66999eaed5aa4517e89d6d39"}, {"name": "https://github.com/openrazer/openrazer/commit/d869abd20995b4931795e1cde54d4ac84d9ca62f", "tags": ["x_refsource_MISC"], "url": "https://github.com/openrazer/openrazer/commit/d869abd20995b4931795e1cde54d4ac84d9ca62f"}], "affected": [{"vendor": "openrazer", "product": "openrazer", "versions": [{"version": "< 3.10.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-15T16:32:20.628Z"}, "descriptions": [{"lang": "en", "value": "OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will be written into the RGB arguments which will be sent to the USB device. This issue has been patched in v3.10.2."}], "source": {"advisory": "GHSA-835j-6976-46jx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-15T17:51:23.419369Z", "id": "CVE-2025-32776", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T17:51:38.081Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:53:39.183Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:53:39.183Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-32776", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-15T17:51:23.419369Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T17:51:29.278Z"}}], "cna": {"title": "OpenRazer Vulnerable to Out of Bounds Read", "source": {"advisory": "GHSA-835j-6976-46jx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "openrazer", "product": "openrazer", "versions": [{"status": "affected", "version": "< 3.10.2"}]}], "references": [{"url": "https://github.com/openrazer/openrazer/security/advisories/GHSA-835j-6976-46jx", "name": "https://github.com/openrazer/openrazer/security/advisories/GHSA-835j-6976-46jx", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/openrazer/openrazer/issues/2433", "name": "https://github.com/openrazer/openrazer/issues/2433", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openrazer/openrazer/commit/57610511d2548eda66999eaed5aa4517e89d6d39", "name": "https://github.com/openrazer/openrazer/commit/57610511d2548eda66999eaed5aa4517e89d6d39", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/openrazer/openrazer/commit/d869abd20995b4931795e1cde54d4ac84d9ca62f", "name": "https://github.com/openrazer/openrazer/commit/d869abd20995b4931795e1cde54d4ac84d9ca62f", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will be written into the RGB arguments which will be sent to the USB device. This issue has been patched in v3.10.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-15T16:32:20.628Z"}}}, "cveMetadata": {"cveId": "CVE-2025-32776", "state": "PUBLISHED", "dateUpdated": "2025-11-03T19:53:39.183Z", "dateReserved": "2025-04-10T12:51:12.278Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-04-15T16:32:20.628Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will be written into the RGB arguments which will be sent to the USB device. This issue has been patched in v3.10.2."}, {"lang": "es", "value": "OpenRazer es un controlador de c\u00f3digo abierto y un daemon de espacio de usuario para controlar la iluminaci\u00f3n de dispositivos Razer y otras funciones en GNU/Linux. Al escribir datos especialmente manipulados en el archivo `matrix_custom_frame`, un atacante puede provocar que el controlador de kernel personalizado lea m\u00e1s bytes de los que proporciona el espacio de usuario. Estos datos se escribir\u00e1n en los argumentos RGB que se enviar\u00e1n al dispositivo USB. Este problema se ha corregido en la versi\u00f3n 3.10.2."}], "id": "CVE-2025-32776", "lastModified": "2025-11-03T20:18:28.297", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-04-15T17:15:49.730", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/openrazer/openrazer/commit/57610511d2548eda66999eaed5aa4517e89d6d39"}, {"source": "security-advisories@github.com", "url": "https://github.com/openrazer/openrazer/commit/d869abd20995b4931795e1cde54d4ac84d9ca62f"}, {"source": "security-advisories@github.com", "url": "https://github.com/openrazer/openrazer/issues/2433"}, {"source": "security-advisories@github.com", "url": "https://github.com/openrazer/openrazer/security/advisories/GHSA-835j-6976-46jx"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}