In the Linux kernel, the following vulnerability has been resolved:
HID: pidff: Fix null pointer dereference in pidff_find_fields
This function triggered a null pointer dereference if used to search for
a report that isn't implemented on the device. This happened both for
optional and required reports alike.
The same logic was applied to pidff_find_special_field and although
pidff_init_fields should return an error earlier if one of the required
reports is missing, future modifications could change this logic and
resurface this possible null pointer dereference again.
LKML bug report:
https://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com
Metrics
Affected Vendors & Products
No data.
No data.
No data.
References
History
Fri, 09 May 2025 07:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidff_find_fields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optional and required reports alike. The same logic was applied to pidff_find_special_field and although pidff_init_fields should return an error earlier if one of the required reports is missing, future modifications could change this logic and resurface this possible null pointer dereference again. LKML bug report: https://lore.kernel.org/all/CAL-gK7f5=R0nrrQdPtaZZr1fd-cdAMbDMuZ_NLA8vM0SX+nGSw@mail.gmail.com | |
| Title | HID: pidff: Fix null pointer dereference in pidff_find_fields | |
| References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2025-05-09T06:42:07.941Z
Updated: 2025-05-09T06:42:07.941Z
Reserved: 2025-04-16T04:51:23.958Z
Link: CVE-2025-37862
Vulnrichment
No data.
NVD
Status : Received
Published: 2025-05-09T07:16:07.190
Modified: 2025-05-09T07:16:07.190
Link: CVE-2025-37862
Redhat
No data.