Buffer Validation Issue in Corsair CPRO Hardware Monitoring Driver
CVE-2025-38548

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 August 2025

What is CVE-2025-38548?

A vulnerability in the Corsair CPRO hardware monitoring driver within the Linux kernel was identified, where the size of the input buffer was not properly validated. This oversight could lead to potential security risks if exploited, as it allows manipulation of buffer sizes in the send_usb_cmd() function. A fix has been implemented to validate the size of the received input, enhancing the overall security of the driver.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 40c3a445422579db8ad96c234dbe6c0ab3f6b936 < 2e6f4d9cfbda52700c126c5a2b93dd2042e8680c

Linux 40c3a445422579db8ad96c234dbe6c0ab3f6b936 < 4eb5cc48399f89b63acdbfe912fa5c8fe2900147

Linux 40c3a445422579db8ad96c234dbe6c0ab3f6b936 < 0db770e2922389753ddbd6663a5516a32b97b743

References

https://git.kernel.org/stable/c/2e6f4d9cfbda52700c126c5a2...
https://git.kernel.org/stable/c/4eb5cc48399f89b63acdbfe91...
https://git.kernel.org/stable/c/0db770e2922389753ddbd6663...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.