CVE-2025-38548 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: hwmon: (corsair-cpro) Validate the size of the received input buffer Add buffer_recv_size to store the size of the received bytes. Validate buffer_recv_size in send_usb_cmd().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0db770e2922389753ddbd6663a5516a32b97b743
https://git.kernel.org/stable/c/2771d2ee3d95700f34e1e4df6a445c90565cd4e9
https://git.kernel.org/stable/c/3c4bdc8a852e446080adc8ceb90ddd67a56e1bb8
https://git.kernel.org/stable/c/495a4f0dce9c8c4478c242209748f1ee9e4d5820
https://git.kernel.org/stable/c/eda5e38cc4dd2dcb422840540374910ef2818494

History

Sat, 16 Aug 2025 11:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: hwmon: (corsair-cpro) Validate the size of the received input buffer Add buffer_recv_size to store the size of the received bytes. Validate buffer_recv_size in send_usb_cmd().
Title		hwmon: (corsair-cpro) Validate the size of the received input buffer
References		https://git.kernel.org/stable/c/0db770e2922389753ddbd6663a5516a32b97b743 https://git.kernel.org/stable/c/2771d2ee3d95700f34e1e4df6a445c90565cd4e9 https://git.kernel.org/stable/c/3c4bdc8a852e446080adc8ceb90ddd67a56e1bb8 https://git.kernel.org/stable/c/495a4f0dce9c8c4478c242209748f1ee9e4d5820 https://git.kernel.org/stable/c/eda5e38cc4dd2dcb422840540374910ef2818494

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-08-16T11:34:16.889Z

Updated: 2025-08-16T11:34:16.889Z

Reserved: 2025-04-16T04:51:24.024Z

Link: CVE-2025-38548

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-08-16T12:15:30.880

Modified: 2025-08-16T12:15:30.880

Link: CVE-2025-38548

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38548", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:24.024Z", "datePublished": "2025-08-16T11:34:16.889Z", "dateUpdated": "2025-08-16T11:34:16.889Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-08-16T11:34:16.889Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (corsair-cpro) Validate the size of the received input buffer\n\nAdd buffer_recv_size to store the size of the received bytes.\nValidate buffer_recv_size in send_usb_cmd()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hwmon/corsair-cpro.c"], "versions": [{"version": "40c3a445422579db8ad96c234dbe6c0ab3f6b936", "lessThan": "0db770e2922389753ddbd6663a5516a32b97b743", "status": "affected", "versionType": "git"}, {"version": "40c3a445422579db8ad96c234dbe6c0ab3f6b936", "lessThan": "eda5e38cc4dd2dcb422840540374910ef2818494", "status": "affected", "versionType": "git"}, {"version": "40c3a445422579db8ad96c234dbe6c0ab3f6b936", "lessThan": "3c4bdc8a852e446080adc8ceb90ddd67a56e1bb8", "status": "affected", "versionType": "git"}, {"version": "40c3a445422579db8ad96c234dbe6c0ab3f6b936", "lessThan": "2771d2ee3d95700f34e1e4df6a445c90565cd4e9", "status": "affected", "versionType": "git"}, {"version": "40c3a445422579db8ad96c234dbe6c0ab3f6b936", "lessThan": "495a4f0dce9c8c4478c242209748f1ee9e4d5820", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hwmon/corsair-cpro.c"], "versions": [{"version": "5.9", "status": "affected"}, {"version": "0", "lessThan": "5.9", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.147", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.100", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.40", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.8", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9", "versionEndExcluding": "6.1.147"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9", "versionEndExcluding": "6.6.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9", "versionEndExcluding": "6.12.40"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9", "versionEndExcluding": "6.15.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9", "versionEndExcluding": "6.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/0db770e2922389753ddbd6663a5516a32b97b743"}, {"url": "https://git.kernel.org/stable/c/eda5e38cc4dd2dcb422840540374910ef2818494"}, {"url": "https://git.kernel.org/stable/c/3c4bdc8a852e446080adc8ceb90ddd67a56e1bb8"}, {"url": "https://git.kernel.org/stable/c/2771d2ee3d95700f34e1e4df6a445c90565cd4e9"}, {"url": "https://git.kernel.org/stable/c/495a4f0dce9c8c4478c242209748f1ee9e4d5820"}], "title": "hwmon: (corsair-cpro) Validate the size of the received input buffer", "x_generator": {"engine": "bippy-1.2.0"}}}}