CVE-2025-38103

7.1 HIGH

Denial of Service

📋 TL;DR

This CVE-2025-38103 is an out-of-bounds read vulnerability in the Linux kernel's USB HID driver that could allow local attackers to cause denial of service or potentially leak kernel memory. The bug occurs when parsing malformed HID descriptors from USB devices. Systems using affected Linux kernel versions with USB HID devices are vulnerable.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not specified in CVE description, but likely multiple stable kernel versions before the fix commits.

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires USB HID device functionality to be enabled (common in most Linux distributions).

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, or potential kernel memory disclosure that could aid further exploitation.

🟠

Likely Case

System crash or instability when connecting malicious USB HID devices, requiring reboot to restore functionality.

🟢

If Mitigated

No impact if patched or if USB HID device restrictions are in place.

🌐 Internet-Facing: LOW - Requires physical or local USB device access, not remotely exploitable.

🏢 Internal Only: MEDIUM - Malicious USB devices could be plugged into vulnerable systems by insiders or through physical access.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires physical access or ability to connect malicious USB HID devices. No remote exploitation vector.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 1df80d748f984290c895e843401824215dcfbfb0, 41827a2dbdd7880df9881506dee13bc88d4230bb, 485e1b741eb838cbe1d6b0e81e5ab62ae6c095cf, 4fa7831cf0ac71a0a345369d1a6084f2b096e55e, 74388368927e9c52a69524af5bbd6c55eb4690de

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable USB HID device support

linux

Prevent USB HID devices from being recognized by the kernel

echo 'install usbhid /bin/false' >> /etc/modprobe.d/disable-usbhid.conf
rmmod usbhid

Restrict USB device access

linux

Use udev rules to block unauthorized USB HID devices

echo 'SUBSYSTEM=="usb", ATTR{idVendor}=="*", ATTR{idProduct}=="*", ATTR{authorized}="0"' > /etc/udev/rules.d/99-usb-restrict.rules
udevadm control --reload-rules

🧯 If You Can't Patch

Implement strict physical security controls to prevent unauthorized USB device connections
Use USB port blocking devices or disable USB ports in BIOS/UEFI where possible

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if using kernel before fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits: 'uname -r' and check with distribution's package manager.

📡 Detection & Monitoring

Log Indicators:

Kernel oops messages in /var/log/kern.log or dmesg
System crash/reboot logs
USB device connection errors

Network Indicators:

No network indicators - local vulnerability only

SIEM Query:

source="kernel" AND ("oops" OR "panic" OR "BUG") AND ("usbhid" OR "HID")

📊 Metadata

CVE ID: CVE-2025-38103

CVSS v3 Score: 7.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE: CWE-125

EPSS Score: 0.02% exploit probability (5.3th percentile)

Published: July 3, 2025

Last Updated: December 16, 2025

🔗 References

https://git.kernel.org/stable/c/1df80d748f984290c895e843401824215dcfbfb0 Patch
https://git.kernel.org/stable/c/41827a2dbdd7880df9881506dee13bc88d4230bb Patch
https://git.kernel.org/stable/c/485e1b741eb838cbe1d6b0e81e5ab62ae6c095cf Patch
https://git.kernel.org/stable/c/4fa7831cf0ac71a0a345369d1a6084f2b096e55e Patch
https://git.kernel.org/stable/c/74388368927e9c52a69524af5bbd6c55eb4690de Patch
https://git.kernel.org/stable/c/7a6d6b68db128da2078ccd9a751dfa3f75c9cf5b Patch
https://git.kernel.org/stable/c/a8f842534807985d3a676006d140541b87044345 Patch
https://git.kernel.org/stable/c/fe7f7ac8e0c708446ff017453add769ffc15deed Patch
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html Third Party Advisory,Mailing List
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html Third Party Advisory,Mailing List