CVE-2025-21794

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-21794
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21794.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21794
Downstream
Related
Published
2025-02-27T02:18:30.907Z
Modified
2025-12-02T05:38:27.973712Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: hid-thrustmaster: fix stack-out-of-bounds read in usbcheckint_endpoints()

Syzbot[1] has detected a stack-out-of-bounds read of the epaddr array from hid-thrustmaster driver. This array is passed to usbcheckintendpoints function from usb.c core driver, which executes a for loop that iterates over the elements of the passed array. Not finding a null element at the end of the array, it tries to read the next, non-existent element, crashing the kernel.

To fix this, a 0 element was added at the end of the array to break the for loop.

[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21794.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
220883fba32549a34f0734e4859d07f4dcd56992
Fixed
436f48c864186e9413d1b7c6e91767cc9e1a65b8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ae730deded66150204c494282969bfa98dc3ae67
Fixed
f3ce05283f6cb6e19c220f5382def43dc5bd56b9
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e5bcae4212a6a4b4204f46a1b8bcba08909d2007
Fixed
cdd9a1ea23ff1a272547217100663e8de4eada40
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
816e84602900f7f951458d743fa12769635ebfd5
Fixed
73e36a699b9f46322ffb81f072a24e64f728dba7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
50420d7c79c37a3efe4010ff9b1bb14bc61ebccf
Fixed
0b43d98ff29be3144e86294486b1373b5df74c0e

Affected versions

v6.*

v6.12.13
v6.12.14
v6.12.15
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.13.2
v6.13.3
v6.6.76
v6.6.77
v6.6.78

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21794.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.76
Fixed
6.6.79
Type
ECOSYSTEM
Events
Introduced
6.12.13
Fixed
6.12.16
Type
ECOSYSTEM
Events
Introduced
6.13.2
Fixed
6.13.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21794.json"