CVE-2025-38494
📋 TL;DR
A vulnerability in the Linux kernel's HID subsystem allows low-level transport drivers to bypass parameter validation in hid_hw_raw_request(). This could enable attackers with local access to pass invalid parameters that might lead to kernel crashes or potential privilege escalation. Systems running vulnerable Linux kernel versions with HID devices are affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation leading to full system compromise or kernel panic causing system instability.
Likely Case
Kernel crash (denial of service) or limited information disclosure from kernel memory.
If Mitigated
No impact if proper access controls prevent local attackers from accessing HID interfaces.
🎯 Exploit Status
Exploitation requires local access and knowledge of HID subsystem internals. No public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits referenced in CVE)
Vendor Advisory: https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
Restart Required: Yes
Instructions:
1. Update to patched kernel version from your distribution's repository. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Restrict HID device access
linuxLimit access to HID devices using filesystem permissions or mandatory access controls.
chmod 600 /dev/hidraw*
setfacl -m u:root:rw /dev/hidraw*
🧯 If You Can't Patch
- Implement strict access controls to prevent unauthorized users from accessing HID devices
- Monitor system logs for unusual HID device activity or kernel crashes
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with patched versions from distribution vendor. Examine if HID subsystem is loaded.Check Version:
uname -rVerify Fix Applied:
Verify kernel version matches patched version from vendor. Check that HID devices function normally.📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes related to HID subsystem
- Unusual HID device access in audit logs
Network Indicators:
- Not applicable - local vulnerability
SIEM Query:
source="kernel" AND ("HID" OR "hid_hw_raw_request") AND ("panic" OR "oops" OR "segfault")🔗 References
- https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81
- https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0
- https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed
- https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f
- https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b
- https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5
- https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624
- https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
