CVE-2025-37814

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, requiring CAP SYS ADMIN for all usages of TIOCL SELMOUSEREPORT. The previous patch had inconsistent logic, and TIOCL SELMOUSEREPORT may be a potential security risk, allowing an attacker to simulate keyboard input to command line applications on the same terminal. This can be done by enabling mouse reporting on a terminal and injecting mouse reports through TIOCL SELMOUSEREPORT. Many programs, including libreadline/bash, are prone to misinterpret these mouse reports as normal keyboard input. The vulnerability is only used by the mouse daemons (GPM or Consolation), which already run as CAP SYS ADMIN.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.