Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device.
lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html
lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html
marc.info/?l=linux-input&m=137772190214635&w=1
openwall.com/lists/oss-security/2013/08/28/13
www.securityfocus.com/bid/62044
www.ubuntu.com/usn/USN-2015-1
www.ubuntu.com/usn/USN-2016-1
www.ubuntu.com/usn/USN-2019-1
www.ubuntu.com/usn/USN-2020-1
www.ubuntu.com/usn/USN-2021-1
www.ubuntu.com/usn/USN-2022-1
www.ubuntu.com/usn/USN-2023-1
www.ubuntu.com/usn/USN-2024-1
www.ubuntu.com/usn/USN-2038-1
www.ubuntu.com/usn/USN-2039-1
www.ubuntu.com/usn/USN-2050-1
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54