CVE-2025-38253
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38253
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-38253.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-38253
- Downstream
- Published
- 2025-07-09T10:42:32.059Z
- Modified
- 2025-11-20T09:18:37.126243Z
- Summary
- HID: wacom: fix crash in wacom_aes_battery_handler()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
HID: wacom: fix crash in wacomaesbattery_handler()
Commit fd2a9b29dc9c ("HID: wacom: Remove AES powersupply after extended inactivity") introduced wacomaesbatteryhandler() which is scheduled as a delayed work (aesbatterywork).
In wacomremove(), aesbatterywork is not canceled. Consequently, if the device is removed while aesbatterywork is still pending, then hard crashes or "Oops: general protection fault..." are experienced when wacomaesbatteryhandler() is finally called. E.g., this happens with built-in USB devices after resume from hibernate when aesbatterywork was still pending at the time of hibernation.
So, take care to cancel aesbatterywork in wacom_remove().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfd2a9b29dc9c4c35def91d5d1c5b470843539de6Fixeda4f182ffa30c52ad1c8e12edfb8049ee748c0f1b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfd2a9b29dc9c4c35def91d5d1c5b470843539de6Fixed57a3d82200dbeccd002244b96acad570eeeb731f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedfd2a9b29dc9c4c35def91d5d1c5b470843539de6Fixedf3054152c12e2eed1e72704aff47b0ea58229584
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.4
v6.12.5
v6.12.6
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.15.1
v6.15.2
v6.15.3
v6.15.4
v6.7
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
Database specific
vanir_signatures
[
{
"target": {
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"265662849348832701353320780716157656216",
"237580858879186726146875788320856948587",
"112380796263880451173635930375512764985",
"47950304454342023775881749746999358910"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4f182ffa30c52ad1c8e12edfb8049ee748c0f1b",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-38253-19157d54"
},
{
"target": {
"function": "wacom_remove",
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"length": 624.0,
"function_hash": "259204733097582628485983056436767898088"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4f182ffa30c52ad1c8e12edfb8049ee748c0f1b",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-38253-21ec818a"
},
{
"target": {
"function": "wacom_remove",
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"length": 624.0,
"function_hash": "259204733097582628485983056436767898088"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f3054152c12e2eed1e72704aff47b0ea58229584",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-38253-8af58cea"
},
{
"target": {
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"265662849348832701353320780716157656216",
"237580858879186726146875788320856948587",
"112380796263880451173635930375512764985",
"47950304454342023775881749746999358910"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f3054152c12e2eed1e72704aff47b0ea58229584",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-38253-95451e85"
},
{
"target": {
"function": "wacom_remove",
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"length": 624.0,
"function_hash": "259204733097582628485983056436767898088"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57a3d82200dbeccd002244b96acad570eeeb731f",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2025-38253-bb1099f8"
},
{
"target": {
"file": "drivers/hid/wacom_sys.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"265662849348832701353320780716157656216",
"237580858879186726146875788320856948587",
"112380796263880451173635930375512764985",
"47950304454342023775881749746999358910"
],
"threshold": 0.9
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57a3d82200dbeccd002244b96acad570eeeb731f",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2025-38253-f47258b1"
}
]