Use-After-Free Vulnerability in Linux Kernel HID Driver by Intel
CVE-2025-21928

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 April 2025

Summary

A vulnerability in the Intel HID driver for the Linux kernel can lead to unexpected system crashes shortly after driver removal due to improper memory management. The issue arises in the ishtp_hid_remove() function, where the driver_data is incorrectly freed during the destruction loop of HID devices. This happens because the freed driver_data is accessed in the hid_destroy_device() function when attempting to power off the sensor, resulting in a use-after-free condition. The patch addresses this flaw by temporarily storing driver_data before device destruction, ensuring safe memory access.

Affected Version(s)

Linux 0b28cb4bcb17dcb5fe0763fc3e1a94398b8f6cf6 < 0c1fb475ef999d6c22fc3f963fdf20cb3ed1b03d

Linux 0b28cb4bcb17dcb5fe0763fc3e1a94398b8f6cf6

Linux 0b28cb4bcb17dcb5fe0763fc3e1a94398b8f6cf6 < 01b18a330cda61cc21423a7d1af92cf31ded8f60

References

https://git.kernel.org/stable/c/0c1fb475ef999d6c22fc3f963...

https://git.kernel.org/stable/c/d3faae7f42181865c799d88c5...

https://git.kernel.org/stable/c/01b18a330cda61cc21423a7d1...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 1, 2025
Vulnerability Reserved
Dec 29, 2024