CVE-2025-21794
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
27/02/2025
Last modified:
05/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()<br />
<br />
Syzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from<br />
hid-thrustmaster driver. This array is passed to usb_check_int_endpoints<br />
function from usb.c core driver, which executes a for loop that iterates<br />
over the elements of the passed array. Not finding a null element at the end of<br />
the array, it tries to read the next, non-existent element, crashing the kernel.<br />
<br />
To fix this, a 0 element was added at the end of the array to break the for<br />
loop.<br />
<br />
[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6.76 (including) | 6.6.79 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.12.13 (including) | 6.12.16 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13.2 (including) | 6.13.4 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.14:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0b43d98ff29be3144e86294486b1373b5df74c0e
- https://git.kernel.org/stable/c/436f48c864186e9413d1b7c6e91767cc9e1a65b8
- https://git.kernel.org/stable/c/73e36a699b9f46322ffb81f072a24e64f728dba7
- https://git.kernel.org/stable/c/cdd9a1ea23ff1a272547217100663e8de4eada40
- https://git.kernel.org/stable/c/f3ce05283f6cb6e19c220f5382def43dc5bd56b9