Buffer Overflow in Linux Kernel due to Insufficient Report Buffer Allocation
CVE-2025-38495

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 28 July 2025

What is CVE-2025-38495?

A vulnerability exists in the Linux kernel's HID subsystem: the allocated report buffer is not sized to accommodate the reserved report ID byte. When the report ID is not in use, low-level transport drivers expect the first byte of the buffer to be 0. The current implementation fails to account for this extra byte, so the report buffer guarantees only 7 bytes of usable space instead of the necessary 8 bytes. This flaw can lead to unexpected behavior in drivers that rely on the correct buffer allocation.
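The sizing problem described above, as an added example that is not kernel code: a simplified C model in which byte 0 of the buffer is always the report ID slot and the field writer stores 8 bytes at a time. All names (`alloc_len_short`, `alloc_len_reserved`, `store_chunk`, `build_report`) and the sample report are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model of the sizing problem; every name here is hypothetical. */
#define CHUNK 8 /* the field writer is modelled as storing 8 bytes at a time */
struct report { unsigned id; unsigned size_bits; };

static size_t payload_bytes(const struct report *r) { return (r->size_bits + 7) / 8; }

/* Flawed sizing: the ID byte is counted only for numbered reports. */
static size_t alloc_len_short(const struct report *r) { return payload_bytes(r) + (r->id > 0) + (CHUNK - 1); }

/* Sizing that always reserves byte 0 for the report ID. */
static size_t alloc_len_reserved(const struct report *r) { return payload_bytes(r) + 1 + (CHUNK - 1); }

/* Bounds-checked 8-byte store: returns -1 instead of writing past the end. */
static int store_chunk(uint8_t *buf, size_t len, size_t off, uint64_t v)
{
    if (off > len || len - off < CHUNK)
        return -1;
    memcpy(buf + off, &v, CHUNK);
    return 0;
}

/* Lay the report out as the transport expects it: byte 0 = ID (0 if unused),
 * payload from byte 1. Returns 0 if the store at the last payload byte fits,
 * -1 if the buffer is too short, -2 if allocation fails. */
static int build_report(const struct report *r, size_t len)
{
    uint8_t *buf = calloc(1, len);
    int rc;

    if (!buf)
        return -2;
    buf[0] = (uint8_t)r->id;
    /* the last payload byte sits at offset payload_bytes(r) */
    rc = store_chunk(buf, len, payload_bytes(r), UINT64_MAX);
    free(buf);
    return rc;
}

int main(void)
{
    struct report r = { 0, 64 }; /* constructed: unnumbered 8-byte report */
    return build_report(&r, alloc_len_reserved(&r));
}
```

With the flawed sizing, an unnumbered report leaves 7 bytes from its last payload byte to the end of the buffer, so the checked store is rejected; reserving the ID byte restores the 8 bytes the writer needs.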

Affected Version(s)

Linux 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 7228e36c7875e4b035374cf68ca5e44dffa596b2

Linux 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 9f2892f7233a8f1320fe671d0f95f122191bfbcd

Linux 4fa5a7f76cc7b6ac87f57741edd2b124851d119f < 7fa83d0043370003e9a0b46ab7ae8f53b00fab06

Timeline

  • Vulnerability published

  • Vulnerability Reserved