CVE-2025-38556

7.1 HIGH

📋 TL;DR

A bug in the Linux kernel's HID core (drivers/hid/hid-core.c): the helper s32ton(), which packs a signed 32-bit value into an n-bit report field, computed value >> (n - 1) without checking for n == 0, so a zero-bit field made it shift a 32-bit quantity by an out-of-range count. That is undefined behaviour in C and is what UBSAN reports as a shift-out-of-bounds exception; the syzbot fuzzer hit it in testing. The zero-bit width comes from a device's HID report descriptor, so buggy or hostile HID hardware is the entry point, and the effect is a kernel warning or, on builds where such reports are fatal, a crash. The fix makes s32ton() return 0 for a 0-bit field, as snto32() already did, rather than rejecting the device. Neither the CVE text nor the fix describes memory corruption or a privilege-escalation path.
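The conversion described above, as an added example written for this page (it is not the kernel's source): the two s32ton() variants mirror the pre-fix and post-fix logic of the kernel helper, while struct toy_field, toy_implement(), toy_output_field() and pack_report_hardened() are assumed simplifications of the output-report packing loop in hid-core.c that hands the descriptor-declared field width to s32ton(). The field values and the zero-bit field are constructed inputs.

```c
#include <stdint.h>
#include <stdio.h>

typedef int32_t s32;
typedef uint32_t u32;
typedef uint8_t u8;

/*
 * Pre-fix shape of s32ton(): squeeze a signed 32-bit value into an n-bit
 * field, saturating at the field's limits. With n == 0 the first statement
 * shifts by (unsigned)-1: undefined behaviour, reported by UBSAN as
 * shift-out-of-bounds. Kept only for comparison; never call it with n == 0.
 */
static u32 s32ton_unhardened(s32 value, unsigned int n)
{
	s32 a = value >> (n - 1);

	if (a && a != -1)
		return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
	return value & ((1 << n) - 1);
}

/* Hardened shape: a zero-width field carries nothing, so return 0 up front. */
static u32 s32ton_hardened(s32 value, unsigned int n)
{
	s32 a;

	if (!n)
		return 0;

	a = value >> (n - 1);
	if (a && a != -1)
		return value < 0 ? 1 << (n - 1) : (1 << (n - 1)) - 1;
	return value & ((1 << n) - 1);
}

/* Assumed stand-in for the struct hid_field members this example needs. */
struct toy_field {
	unsigned int report_offset;  /* bit offset of the field in the report */
	unsigned int report_size;    /* bits per value, as declared by the descriptor */
	unsigned int report_count;   /* number of values in the field */
	s32 logical_minimum;         /* < 0 marks the field as signed */
	s32 value[4];
};

/* Writes the low n bits of value at bit offset `offset`, LSB first. */
static void toy_implement(u8 *data, unsigned int offset, unsigned int n, u32 value)
{
	for (unsigned int i = 0; i < n; i++) {
		unsigned int bit = offset + i;

		if ((value >> i) & 1)
			data[bit / 8] |= (u8)(1u << (bit % 8));
		else
			data[bit / 8] &= (u8)~(1u << (bit % 8));
	}
}

/*
 * Packing loop shaped like the kernel's output-report path: signed fields go
 * through s32ton() with report_size as the bit width, which is how a
 * descriptor-declared zero-bit field reaches the conversion.
 */
static void toy_output_field(const struct toy_field *f, u8 *data,
			     u32 (*conv)(s32, unsigned int))
{
	for (unsigned int i = 0; i < f->report_count; i++) {
		u32 v = f->logical_minimum < 0 ? conv(f->value[i], f->report_size)
					       : (u32)f->value[i];

		toy_implement(data, f->report_offset + i * f->report_size,
			      f->report_size, v);
	}
}

/*
 * Packs two constructed fields with the hardened conversion: an 8-bit signed
 * field holding an out-of-range value (-200 saturates to -128, i.e. 0x80) and
 * a zero-bit signed field of the kind a buggy descriptor can declare.
 * Returns report byte 0; the zero-bit field contributes nothing.
 */
static u8 pack_report_hardened(void)
{
	u8 data[2] = { 0 };
	struct toy_field sane = {
		.report_offset = 0, .report_size = 8, .report_count = 1,
		.logical_minimum = -127, .value = { -200 },
	};
	struct toy_field zero_width = {
		.report_offset = 8, .report_size = 0, .report_count = 1,
		.logical_minimum = -1, .value = { -5 },
	};

	toy_output_field(&sane, data, s32ton_hardened);
	toy_output_field(&zero_width, data, s32ton_hardened); /* UB pre-fix */
	return data[0];
}

int main(void)
{
	printf("s32ton(-200, 8) = 0x%02x, s32ton(-1, 8) = 0x%02x, s32ton(-5, 0) = 0x%02x\n",
	       s32ton_hardened(-200, 8), s32ton_hardened(-1, 8), s32ton_hardened(-5, 0));
	printf("unhardened agrees for n > 0: %s\n",
	       s32ton_unhardened(-200, 8) == s32ton_hardened(-200, 8) ? "yes" : "no");
	printf("report byte 0 = 0x%02x\n", (unsigned int)pack_report_hardened());
	return 0;
}
```

Compiling with -fsanitize=shift and calling s32ton_unhardened(x, 0) reproduces the same class of report UBSAN raises in-kernel; the block deliberately does not make that call, since it is undefined behaviour. For every n > 0 the two variants agree, which is why the fix could be a plain guard rather than a change to the conversion.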

💻 Affected Systems

Products:
  • Linux kernel
Versions: The CVE record does not list affected version ranges; the fix was applied upstream and backported to several stable branches (see the commits under Official Fix).
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Triggered by a HID report descriptor that declares a signed field (negative logical minimum) with a report size of 0 bits, which the kernel accepts rather than rejecting; the bad conversion runs when the HID core packs such a field into a report it sends to the device.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel crash (denial of service) on kernels where the shift-out-of-bounds report is fatal, for example with UBSAN traps or panic_on_warn enabled. The CVE and the fix describe no memory-corruption or privilege-escalation path; do not assume one without further analysis.

🟠

Likely Case

A HID device whose descriptor declares a zero-bit signed field produces a UBSAN shift-out-of-bounds report, and on configurations that treat it as fatal a crash, when the host builds an output report for that device: denial of service.

🟢

If Mitigated

On a patched kernel a zero-bit field simply packs as 0 and the device keeps working. On an unpatched kernel without UBSAN the shift is still undefined behaviour whose result depends on the compiler and CPU; treat that as unreliable rather than safe.

🌐 Internet-Facing: LOW - Not reachable over the network; a HID device must be attached to the host, physically or as a virtual device created through /dev/uhid.
🏢 Internal Only: MEDIUM - Anyone who can plug a USB HID device into a vulnerable host, or who can open /dev/uhid on it, can crash it.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Triggering the bug requires attaching a HID device whose report descriptor declares a zero-bit signed field (real hardware, a USB gadget, or a virtual device created through /dev/uhid) and then having the HID core build an output or feature report for it, which happens, for instance, when the input layer updates keyboard LEDs. There is no network path.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with commits: 3c86548a20d7bc2861aa4de044991a327bebad1a, 6cdf6c708717c5c6897d0800a1793e83757c7491, 810189546cb6c8f36443ed091d91f1f5d2fc2ec7, 865ad8469fa24de1559f247d9426ab01e5ce3a56, 8b4a94b1510f6a46ec48494b52ee8f67eb4fc836

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version carrying one of the commits above.
2. Check your distribution's security advisory for the package that includes the fix.
3. Reboot after the kernel update.

🔧 Temporary Workarounds

Restrict HID device access

linux

Limit physical access to HID devices and use the kernel's device authorization controls: USB authorization (authorized_default under /sys/bus/usb/devices/usbN/, or a policy tool such as usbguard) lets the host refuse unknown devices before their descriptors are parsed. udev rules run after the HID core has already parsed a plugged-in device's descriptor, so they cannot stop a hostile device; what they can do is keep the raw HID interfaces away from unprivileged users, which closes the user-driven routes (hidraw and hiddev for driving reports, uhid for creating virtual devices). Check first that nothing on the host needs unprivileged access to those nodes.

# /etc/udev/rules.d/99-hid-restrict.rules: keep raw HID nodes root-only
KERNEL=="hidraw*", MODE="0600", OWNER="root", GROUP="root"
KERNEL=="hiddev*", MODE="0600", OWNER="root", GROUP="root"
KERNEL=="uhid", MODE="0600", OWNER="root", GROUP="root"

🧯 If You Can't Patch

  • Restrict which USB devices the host accepts (USB authorization or usbguard) and keep /dev/uhid, /dev/hidraw* and hiddev nodes root-only
  • Watch dmesg and the journal for UBSAN: shift-out-of-bounds reports that name drivers/hid/hid-core.c, and for panics that follow a HID device attach

🔍 How to Verify

Check if Vulnerable:

uname -r gives the running version. The CVE record lists no version ranges, so compare it against your distribution's advisory for CVE-2025-38556 rather than a fixed cut-off. If you build from source, look for the fix in the tree, e.g. git log --oneline --grep=s32ton -- drivers/hid/hid-core.c.

Check Version:

uname -r

Verify Fix Applied:

Confirm the running kernel comes from a package whose changelog references CVE-2025-38556 (for example rpm -q --changelog on the kernel package, or apt changelog linux-image-$(uname -r), piped through grep CVE-2025-38556), or, in the source tree you built from, that s32ton() in drivers/hid/hid-core.c begins with an if (!n) return 0; guard (grep -n -A6 'u32 s32ton(' drivers/hid/hid-core.c).

📡 Detection & Monitoring

Log Indicators:

  • UBSAN: shift-out-of-bounds in drivers/hid/hid-core.c, followed by a "shift exponent ... is too large for 32-bit type" line and a call trace
  • Kernel panic or warning messages whose call trace includes hid_output_report or hid_output_field
  • System crash reports that coincide with a HID device being attached

Network Indicators:

  • Not network exploitable

SIEM Query:

source="kernel" AND "shift-out-of-bounds" AND "hid-core"

Matching the bare word HID, as a broader query would, floods the results with every normal device attach; the UBSAN string plus the file name is the specific indicator.
