CVE-2025-39808
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() in ntrig_report_version(), hdev parameter passed from hid_probe().
sending descriptor to /dev/uhid can make hdev->dev.parent->parent to null
if hdev->dev.parent->parent is null, usb_dev has
invalid address(0xffffffffffffff58) that hid_to_usb_dev(hdev) returned
when usb_rcvctrlpipe() use usb_dev,it trigger
page fault error for address(0xffffffffffffff58) add null check logic to ntrig_report_version()
before calling hid_to_usb_dev()
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this to expose sensitive information from the host OS. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2025-04-16 CVE Reserved
- 2025-09-16 CVE Published
- 2025-11-03 CVE Updated
- 2025-11-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/0277873c05158c5efc97c23d52e6aec6250bde0f | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 5.4.298 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 5.4.298" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 5.10.242 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 5.10.242" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 5.15.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 5.15.191" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 6.1.150 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 6.1.150" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 6.6.104 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 6.6.104" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 6.12.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 6.12.45" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 6.16.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 6.16.5" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.37 < 6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.37 < 6.17" | en |
Affected
| ||||||