CVE-2025-38235 (GCVE-0-2025-38235)
Vulnerability from cvelistv5
Published: 2025-07-06 09:11
Modified: 2025-07-06 09:11
Summary
In the Linux kernel, the following vulnerability has been resolved:

HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting

During appletb_kbd_probe, probe attempts to get the backlight device by name. When this happens backlight_device_get_by_name looks for a device in the backlight class which has name "appletb_backlight" and upon finding a match it increments the reference count for the device and returns it to the caller. However this reference is never released leading to a reference leak.

Fix this by decrementing the backlight device reference count on removal via put_device and on probe failure.
Impacted products
Vendor   Product   Version
Linux    Linux     Version: 93a0fc48948107e0cc34e1de22c3cb363a8f2783
                   Version: 93a0fc48948107e0cc34e1de22c3cb363a8f2783
Linux    Linux     Version: 6.15


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-appletb-kbd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "751d5437112a3f387de4ef6d2d1c131068ff7627",
              "status": "affected",
              "version": "93a0fc48948107e0cc34e1de22c3cb363a8f2783",
              "versionType": "git"
            },
            {
              "lessThan": "4540e41e753a7d69ecd3f5bad51fe620205c3a18",
              "status": "affected",
              "version": "93a0fc48948107e0cc34e1de22c3cb363a8f2783",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-appletb-kbd.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.15"
            },
            {
              "lessThan": "6.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16-rc4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.5",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16-rc4",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appletb-kbd: fix \"appletb_backlight\" backlight device reference counting\n\nDuring appletb_kbd_probe, probe attempts to get the backlight device\nby name. When this happens backlight_device_get_by_name looks for a\ndevice in the backlight class which has name \"appletb_backlight\" and\nupon finding a match it increments the reference count for the device\nand returns it to the caller. However this reference is never released\nleading to a reference leak.\n\nFix this by decrementing the backlight device reference count on removal\nvia put_device and on probe failure."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-06T09:11:14.930Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/751d5437112a3f387de4ef6d2d1c131068ff7627"
        },
        {
          "url": "https://git.kernel.org/stable/c/4540e41e753a7d69ecd3f5bad51fe620205c3a18"
        }
      ],
      "title": "HID: appletb-kbd: fix \"appletb_backlight\" backlight device reference counting",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38235",
    "datePublished": "2025-07-06T09:11:14.930Z",
    "dateReserved": "2025-04-16T04:51:23.996Z",
    "dateUpdated": "2025-07-06T09:11:14.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-38235\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-07-06T10:15:24.223\",\"lastModified\":\"2025-07-08T16:18:34.923\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nHID: appletb-kbd: fix \\\"appletb_backlight\\\" backlight device reference counting\\n\\nDuring appletb_kbd_probe, probe attempts to get the backlight device\\nby name. When this happens backlight_device_get_by_name looks for a\\ndevice in the backlight class which has name \\\"appletb_backlight\\\" and\\nupon finding a match it increments the reference count for the device\\nand returns it to the caller. However this reference is never released\\nleading to a reference leak.\\n\\nFix this by decrementing the backlight device reference count on removal\\nvia put_device and on probe failure.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: appletb-kbd: correcci\u00f3n del conteo de referencias del dispositivo de retroiluminaci\u00f3n \\\"appletb_backlight\\\". Durante appletb_kbd_probe, la sonda intenta obtener el dispositivo de retroiluminaci\u00f3n por nombre. Cuando esto ocurre, backlight_device_get_by_name busca un dispositivo en la clase de retroiluminaci\u00f3n con el nombre \\\"appletb_backlight\\\" y, al encontrar una coincidencia, incrementa el conteo de referencias del dispositivo y lo devuelve al invocador. Sin embargo, esta referencia nunca se libera, lo que provoca una fuga de referencias. 
Para solucionar esto, disminuya el conteo de referencias del dispositivo de retroiluminaci\u00f3n al eliminarlo mediante put_device y si la sonda falla.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4540e41e753a7d69ecd3f5bad51fe620205c3a18\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/751d5437112a3f387de4ef6d2d1c131068ff7627\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

