CVE-2025-38556

Severity: HIGH · EPSS 4.6%
Published Aug 19, 2025 · Modified Jun 17, 2026
CVSS 3.1 base score: 7.1 (High)

Description

In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should never occur, but there are buggy devices and some might have a report field with size set to zero; we shouldn't reject the report or the device just because of that. Instead, harden the s32ton() routine so that it returns a reasonable result instead of crashing when it is called with the number of bits set to 0 -- the same as what snto32() does.
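The description above explains the hazard in general terms: a conversion helper that shifts by `n - 1` bits is handed a report field whose size `n` is 0, so the shift count becomes -1 (or 31 after wrap-around) and UBSAN reports a shift-out-of-bounds. The following is an added example, written for this page and not taken from the kernel patch; the function names `s32ton_hardened` and `field_shift_is_safe` are hypothetical and the saturation logic is modelled on what the description says the helper is meant to do (pack a signed 32-bit value into an n-bit field, returning 0 for a 0-bit field the way snto32() does) rather than copied from the kernel source.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Returns 1 if a shift of the form `value >> (n - 1)` and `1 << n` is
 * well-defined for this field size, 0 otherwise. n == 0 is the case the
 * CVE is about: n - 1 underflows and the shift is out of bounds. Sizes
 * above 32 would overshift a 32-bit quantity as well.
 */
static int field_shift_is_safe(unsigned int n)
{
    return n >= 1 && n <= 32;
}

/*
 * Hardened conversion of a signed 32-bit value into an n-bit two's
 * complement field (hypothetical name; behaviour modelled on the
 * description of s32ton()). Values outside the n-bit signed range are
 * saturated to the nearest representable value, then masked to n bits.
 * A 0-bit field, which a buggy device's report descriptor can produce,
 * yields 0 instead of performing an out-of-bounds shift.
 */
static uint32_t s32ton_hardened(int32_t value, unsigned int n)
{
    int64_t v = value;
    int64_t lo, hi, mask;

    /* The guard the description calls for: no bits means no result. */
    if (value == 0 || n == 0)
        return 0;

    /* Clamp oversized field widths so every shift below stays in range. */
    if (n > 32)
        n = 32;

    /* 64-bit arithmetic keeps 1 << 32 and -(1 << 31) well-defined. */
    lo   = -((int64_t)1 << (n - 1));      /* smallest n-bit signed value */
    hi   =  ((int64_t)1 << (n - 1)) - 1;  /* largest n-bit signed value  */
    mask =  ((int64_t)1 << n) - 1;        /* low n bits                  */

    if (v < lo)
        v = lo;
    else if (v > hi)
        v = hi;

    return (uint32_t)(v & mask);
}

int main(void)
{
    /* Constructed field sizes and values, including the degenerate n == 0. */
    struct { int32_t value; unsigned int bits; } samples[] = {
        {      5,  8 }, {    -1,  8 }, {  200,  8 }, { -200,  8 },
        {    -128, 8 }, { 123456, 0 }, {   -5, 32 }, {    1,  1 },
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned int n = samples[i].bits;
        printf("value=%7d bits=%2u shift_safe=%d -> 0x%08x\n",
               samples[i].value, n, field_shift_is_safe(n),
               s32ton_hardened(samples[i].value, n));
    }
    return 0;
}
```

`field_shift_is_safe()` is the check a defender would add at the point where a report descriptor's field size is parsed, so that a 0-bit field is logged and tolerated rather than reaching the shift; `s32ton_hardened()` shows the other half of the fix, where the helper itself returns a reasonable result for that input.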

CVSS Details

Base Score
7.1
Exploitability
1.8
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read (Memory Safety)

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥2.6.20  –  <6.12.46
linux    linux_kernel   *         ≥6.13    –  <6.15.10
linux    linux_kernel   *         ≥6.16    –  <6.16.1

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a
  • git.kernel.org https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491
  • git.kernel.org https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7
  • git.kernel.org https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56 (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836 (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2 (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56 (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836 (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd (Patch)
  • git.kernel.org https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2 (Patch)