ГлавнаяУязвимости → CVE-2025-38494
7.8высокая

CVE-2025-38494

→ есть в БДУ: BDU:2025-13522 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided buffer and length are valid. Directly calling in the low level transport driver function bypassed those checks and allowed invalid paramto be used.

Затрагиваемое ПО
Linux Linux kernelDebian Debian linux
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344edhttps://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34fhttps://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946bhttps://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910