Re: CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID

Next message: Ilpo J&#xE4;rvinen: "Re: [REGRESSION][PATCH] serial: 8250_pci: Fix broken RS485 for F81504/508/512"
Previous message: Thomas Zimmermann: "[PATCH] ARM: spitz: Do not include &lt;linux/fb.h&gt;"
In reply to: gregkh@xxxxxxxxxxxxxxxxxxx: "Re: CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID"
Next in thread: gregkh@xxxxxxxxxxxxxxxxxxx: "Re: CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Siddh Raman Pant

Date: Tue Sep 30 2025 - 07:32:35 EST

On Tue, Sep 30 2025 at 16:52:30 +0530, gregkh@xxxxxxxxxxxxxxxxxxx
wrote:
> Is the CVE referenced here in the Subject line, and the git id it
> references not valid?

It is valid.

> Is there some other commit that also fixes a vulnerability
> that should also be assigned to a new CVE?

Yes: 0d0777ccaa2d46609d05b66ba0096802a2746193 which is immediately
after the commit in title, and fixes the underflow reported by
syzkaller (see [1] and the commit message for the tested-by), which is
the main bug, for which there is also a public exploit (see [2]).

[1] https://lore.kernel.org/all/686bb229.a00a0220.c7b3.0081.GAE@xxxxxxxxxx/t/#u

[2] https://github.com/xairy/kernel-exploits/tree/master/CVE-2025-38494

Thanks,
Siddh

Attachment: signature.asc
Description: This is a digitally signed message part