CVE-2025-39808
EUVD-2025-2960616.09.2025, 13:15
In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() in ntrig_report_version(), hdev parameter passed from hid_probe(). sending descriptor to /dev/uhid can make hdev->dev.parent->parent to null if hdev->dev.parent->parent is null, usb_dev has invalid address(0xffffffffffffff58) that hid_to_usb_dev(hdev) returned when usb_rcvctrlpipe() use usb_dev,it trigger page fault error for address(0xffffffffffffff58) add null check logic to ntrig_report_version() before calling hid_to_usb_dev()Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.6.37 ≤ 𝑥 < 5.4.298 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.242 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.191 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.150 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.104 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.45 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.16.5 |
| linux | linux_kernel | 6.17:rc1 |
| linux | linux_kernel | 6.17:rc2 |
| linux | linux_kernel | 6.17:rc3 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| Siemens | SIMATIC CN 4100 | 𝑥 < V5.0 | ADP |
| siemens | simatic_cn_4100 | 𝑥 < 5.0 | ADP |
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cluster-md-kmp-default |
| ||||||||||||||
| dlm-kmp-default |
| ||||||||||||||
| gfs2-kmp-default |
| ||||||||||||||
| kernel-64kb |
| ||||||||||||||
| kernel-azure |
| ||||||||||||||
| kernel-default |
| ||||||||||||||
| kernel-default-base |
| ||||||||||||||
| kernel-default-man |
| ||||||||||||||
| kernel-obs-build |
| ||||||||||||||
| kernel-source |
| ||||||||||||||
| kernel-source-azure |
| ||||||||||||||
| kernel-zfcpdump |
| ||||||||||||||
| ocfs2-kmp-default |
|
Azure Linux Releases
References