Race condition in Linux kernel hid usbhid driver

1) Race condition

EUVDB-ID: #VU109559

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-37985

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the pidff_reset() function in drivers/hid/usbhid/hid-pidff.c. A local user can escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.14 - 6.14.4

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:6.14:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.1:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.2:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.3:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:6.14.4:*:*:*:*:*:*:*

External links

https://git.kernel.org/stable/c/217fe1fc7d112595a793e02b306710e702eac492
https://git.kernel.org/stable/c/52ae15c665b5fe5876655aaccc3ef70560b0e314
https://git.kernel.org/stable/c/54f7f8978af19f899dec80bcc71c8d4855dfbd72
https://git.kernel.org/stable/c/b02a3fef3e8c8fe5a0a266f7a14f38cc608fb167
https://git.kernel.org/stable/c/c1846ed4eb527bdfe6b3b7dd2c78e2af4bf98f4f
https://git.kernel.org/stable/c/e3c9adc69357fcbe6253a2bc2588ee4bbaaedbe9
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.5

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.