Linux Kernel HID Vulnerability in Wacom Devices by Vendor
CVE-2025-38253
Currently unrated
What is CVE-2025-38253?
In the Linux kernel, a flaw exists within the handling of Wacom devices, specifically linked to the scheduled operation of the aes_battery_work function. When a device is removed, the pending work is not canceled, leading to severe crashes, or 'Oops: general protection fault', when the handler is invoked later. This scenario predominantly arises for built-in USB devices after resuming from hibernation while aes_battery_work remains pending. The proper management of this function during device removal is critical to prevent crashes and maintain system integrity.
Affected Version(s)
Linux fd2a9b29dc9c4c35def91d5d1c5b470843539de6
Linux fd2a9b29dc9c4c35def91d5d1c5b470843539de6 < 57a3d82200dbeccd002244b96acad570eeeb731f
Linux fd2a9b29dc9c4c35def91d5d1c5b470843539de6