Lucene search

K
redhatcveRedhat.comRH:CVE-2021-47404
HistoryMay 22, 2024 - 8:57 a.m.

CVE-2021-47404

2024-05-2208:57:52
redhat.com
access.redhat.com
4
linux kernel
hid
betop
vulnerability
fixed
slab-out-of-bounds
syzbot
driver
input report
patch
hid_device

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.0%

In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate this assumption. So this patch checks hid_device’s input is non empty before it’s been used.

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.0%