Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogic_input_configured() devm_kasprintf() returns NULL when memory allocation fails. Currently, uclogic_input_configured() does not check for this case, which results in a NULL pointer dereference. Add NULL check after devm_kasprintf() to prevent this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.1.53, < 6.1.140 |
| Debian | Debian Linux | 11.0 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/00d52b2fa6083dd0f5c44f3604cd1bad1f9177dcPatch
- https://git.kernel.org/stable/c/01b76cc8ca243fc3376b035aa326bbc4f03d384bPatch
- https://git.kernel.org/stable/c/94e7272b636a0677082e0604609e4c471e0a2cafPatch
- https://git.kernel.org/stable/c/a9f58479a1a2c6f72907679c4df2f4ed92b05b39Patch
- https://git.kernel.org/stable/c/ad6caaf29bc26a48b1241ce82561fcbcf0a75aa9Patch
- https://git.kernel.org/stable/c/b616453d719ee1b8bf2ea6f6cc6c6258a572a590Patch
- https://git.kernel.org/stable/c/bd07f751208ba190f9b0db5e5b7f35d5bb4a8a1ePatch
- https://lists.debian.org/debian-lts-announce/2025/08/msg00010.htmlThird Party AdvisoryMailing List
FAQ
What is CVE-2025-38007?
CVE-2025-38007 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogic_input_configured() devm_kasprintf() returns NULL when memory allocation fails. Currently, ...
How severe is CVE-2025-38007?
CVE-2025-38007 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-38007?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.