CVE-2025-38494

{"id": "CVE-2025-38494", "cveTags": [], "metrics": {}, "published": "2025-07-28T12:15:31.607", "references": [{"url": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: n\u00facleo: no omitir hid_hw_raw_request. hid_hw_raw_request() es \u00fatil para garantizar la validez del b\u00fafer y la longitud proporcionados. Llamar directamente a la funci\u00f3n del controlador de transporte de bajo nivel omit\u00eda estas comprobaciones y permit\u00eda el uso de par\u00e1metros no v\u00e1lidos."}], "lastModified": "2025-07-29T14:14:29.590", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}