CVE-2025-38548
EUVD-2025-2510016.08.2025, 12:15
In the Linux kernel, the following vulnerability has been resolved: hwmon: (corsair-cpro) Validate the size of the received input buffer Add buffer_recv_size to store the size of the received bytes. Validate buffer_recv_size in send_usb_cmd().Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.9 ≤ 𝑥 < 5.10.241 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.190 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.147 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.100 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.40 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.15.8 |
| linux | linux_kernel | 6.16:rc1 |
| linux | linux_kernel | 6.16:rc2 |
| linux | linux_kernel | 6.16:rc3 |
| linux | linux_kernel | 6.16:rc4 |
| linux | linux_kernel | 6.16:rc5 |
| linux | linux_kernel | 6.16:rc6 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||||||||||||
| kernel-azure |
| ||||||||||||||||
| kernel-default |
| ||||||||||||||||
| kernel-default-base |
| ||||||||||||||||
| kernel-default-extra |
| ||||||||||||||||
| kernel-obs-build |
| ||||||||||||||||
| kernel-source |
| ||||||||||||||||
| kernel-source-azure |
| ||||||||||||||||
| kernel-zfcpdump |
| ||||||||||||||||
| reiserfs-kmp-default |
|
References