CVE-2025-38494 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

HID: core: do not bypass hid_hw_raw_request

hid_hw_raw_request() is actually useful to ensure the provided buffer
and length are valid. Directly calling in the low level transport driver
function bypassed those checks and allowed invalid paramto be used.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00025.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-4327-1	linux security update
Debian DLA	DLA-4328-1	linux-6.1 security update
Debian DSA	DSA-5973-1	linux security update
Debian DSA	DSA-5975-1	linux security update
EUVD	EUVD-2025-22869	In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.
Ubuntu USN	USN-7879-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7879-2	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-7880-1	Linux kernel (OEM) vulnerabilities
Ubuntu USN	USN-7879-3	Linux kernel vulnerabilities
Ubuntu USN	USN-7909-1	Linux kernel vulnerabilities
Ubuntu USN	USN-7879-4	Linux kernel vulnerabilities
Ubuntu USN	USN-7909-2	Linux kernel (Real-time) vulnerabilities
Ubuntu USN	USN-7909-3	Linux kernel (FIPS) vulnerabilities
Ubuntu USN	USN-7910-1	Linux kernel (Azure FIPS) vulnerabilities
Ubuntu USN	USN-7909-4	Linux kernel vulnerabilities
Ubuntu USN	USN-7910-2	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7909-5	Linux kernel (Raspberry Pi) vulnerabilities
Ubuntu USN	USN-7933-1	Linux kernel (KVM) vulnerabilities
Ubuntu USN	USN-7934-1	Linux kernel (Azure) vulnerabilities
Ubuntu USN	USN-7938-1	Linux kernel (Azure) vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0
https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed
https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f
https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b
https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624
https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38494-63e4@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-38494
https://www.cve.org/CVERecord?id=CVE-2025-38494

History

Mon, 03 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html

Thu, 28 Aug 2025 14:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624 https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910

Tue, 29 Jul 2025 12:30:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025072818-CVE-2025-38494-63e4@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-38494 https://www.cve.org/CVERecord?id=CVE-2025-38494
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Tue, 29 Jul 2025 08:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Mon, 28 Jul 2025 11:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.
Title		HID: core: do not bypass hid_hw_raw_request
References		https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81 https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0 https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-07-28T11:22:03.180Z

Updated: 2025-11-03T17:39:01.805Z

Reserved: 2025-04-16T04:51:24.022Z

Link: CVE-2025-38494

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-07-28T12:15:31.607

Modified: 2025-11-03T18:16:25.533

Link: CVE-2025-38494

Redhat

Severity : Moderate

Publid Date: 2025-07-28T00:00:00Z

Links: CVE-2025-38494 - Bugzilla

OpenCVE Enrichment

Updated: 2025-07-29T07:59:21Z

Weaknesses

No weakness.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object