CVE-2025-38103
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/07/2025
Last modified:
03/07/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()

Update struct hid_descriptor to better reflect the mandatory and
optional parts of the HID Descriptor as per USB HID 1.11 specification.
Note: the kernel currently does not parse any optional HID class
descriptors, only the mandatory report descriptor.

Update all references to member element desc[0] to rpt_desc.

Add test to verify bLength and bNumDescriptors values are valid.

Replace the for loop with direct access to the mandatory HID class
descriptor member for the report descriptor. This eliminates the
possibility of getting an out-of-bounds fault.

Add a warning message if the HID descriptor contains any unsupported
optional HID class descriptors.
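The bLength/bNumDescriptors validation and direct access to the mandatory report descriptor that the commit message describes, as an added stand-alone C example (not the kernel's usbhid_parse() code): descriptor offsets follow USB HID 1.11 section 6.2.1, and the sample byte strings are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* USB HID 1.11, 6.2.1: a 6-byte fixed header followed by bNumDescriptors
 * class descriptors of 3 bytes each; the first one is the mandatory
 * report descriptor (what the kernel fix calls rpt_desc). */
#define HID_DT_HID          0x21
#define HID_DT_REPORT       0x22
#define HID_HDR_LEN         6
#define HID_CLASS_DESC_LEN  3

/* Validate the descriptor before touching any class descriptor, then read
 * the report descriptor by fixed offset instead of looping over the count.
 * Returns the report descriptor length (wDescriptorLength) or -1 if the
 * descriptor is malformed; *n_optional (if non-NULL) receives the number of
 * optional class descriptors, which a caller would only warn about. */
int parse_hid_descriptor(const uint8_t *buf, size_t avail, unsigned *n_optional)
{
    if (avail < HID_HDR_LEN + HID_CLASS_DESC_LEN) return -1;   /* cannot hold rpt_desc */
    unsigned bLength = buf[0];
    unsigned bNumDescriptors = buf[5];
    if (buf[1] != HID_DT_HID || bNumDescriptors < 1) return -1; /* report desc is mandatory */
    if (bLength != HID_HDR_LEN + HID_CLASS_DESC_LEN * bNumDescriptors) return -1; /* count/length disagree */
    if (bLength > avail) return -1;                          /* claims more bytes than were given */
    if (buf[6] != HID_DT_REPORT) return -1;                  /* first class desc must be the report desc */
    if (n_optional) *n_optional = bNumDescriptors - 1;
    return buf[7] | (buf[8] << 8);                           /* wDescriptorLength, little-endian */
}

/* Constructed samples: well-formed; bNumDescriptors larger than bLength can hold
 * (a loop over the count would read past the 9 bytes); and one extra,
 * unsupported physical descriptor (type 0x23) after the report descriptor. */
static const uint8_t sample_ok[]  = {0x09,0x21,0x11,0x01,0x00,0x01,0x22,0x3f,0x00};
static const uint8_t sample_bad[] = {0x09,0x21,0x11,0x01,0x00,0x05,0x22,0x3f,0x00};
static const uint8_t sample_opt[] = {0x0c,0x21,0x11,0x01,0x00,0x02,0x22,0x3f,0x00,0x23,0x10,0x00};

int main(void)
{
    unsigned n = 0;
    int len = parse_hid_descriptor(sample_opt, sizeof sample_opt, &n);
    if (len < 0)
        printf("malformed HID descriptor, rejecting device\n");
    else if (n)
        printf("report descriptor %d bytes; %u unsupported optional class descriptor(s) ignored\n", len, n);
    return 0;
}
```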
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/1df80d748f984290c895e843401824215dcfbfb0
- https://git.kernel.org/stable/c/41827a2dbdd7880df9881506dee13bc88d4230bb
- https://git.kernel.org/stable/c/485e1b741eb838cbe1d6b0e81e5ab62ae6c095cf
- https://git.kernel.org/stable/c/4fa7831cf0ac71a0a345369d1a6084f2b096e55e
- https://git.kernel.org/stable/c/74388368927e9c52a69524af5bbd6c55eb4690de
- https://git.kernel.org/stable/c/7a6d6b68db128da2078ccd9a751dfa3f75c9cf5b
- https://git.kernel.org/stable/c/a8f842534807985d3a676006d140541b87044345
- https://git.kernel.org/stable/c/fe7f7ac8e0c708446ff017453add769ffc15deed