55 matches found
ROS-20260120-73-0005
A vulnerability in the inputevent function of the drivers/hid/hid-appleir.c module of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
PT-2026-7042
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.22.0 Description FreeRDP, a Remote Desktop Protocol implementation, contains a flaw related to the ainput send input event function. This function caches a channel callback in a local variable and subsequently uses ...
EUVD-2018-0292
Malware in sbrugna...
EUVD-2006-1981
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-385157)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-385157 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer...
AZL-64896 CVE-2025-38335 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPTRT When enabling PREEMPTRT, the gpiokeysirqtimer callback runs in hard irq context, but the inputevent takes a spinlock, which isn't allowed there as it is converted to a...
UBUNTU-CVE-2025-38335
In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPTRT When enabling PREEMPTRT, the gpiokeysirqtimer callback runs in hard irq context, but the inputevent takes a spinlock, which isn't allowed there as it is converted to a...
CVE-2025-38016 HID: bpf: abort dispatch if device destroyed
In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...
CVE-2024-0038
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21171
In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
CVE-2020-0475
In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
The vulnerability of the input_event() function in the drivers/hid/hid-appleir.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the inputevent function in the drivers/hid/hid-appleir.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
AZL-59960 CVE-2025-21948 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in inputevent. BUG: KASAN: null-ptr-deref in instrumentatomicread include/linux/instrumented.h:68 inline BUG:...
DEBIAN-CVE-2025-21948
In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in inputevent. BUG: KASAN: null-ptr-deref in instrumentatomicread include/linux/instrumented.h:68 inline BUG:...
AZL-59946 CVE-2025-21948 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: HID: appleir: Fix potential NULL dereference at raw event handle Syzkaller reports a NULL pointer dereference issue in inputevent. BUG: KASAN: null-ptr-deref in instrumentatomicread include/linux/instrumented.h:68 inline BUG:...
CVE-2024-0038
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-0038
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-0038
Summary of CVE-2024-0038: The issue lies in Android’s AccessibilityManagerService.java within the function injectInputEventToInputFilter, where a missing permission check enables arbitrary input event injection. This can lead to local escalation of privilege without additional execution privilege...
CVE-2024-0038
In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of permission checking in the injectInputEventToInputFilter method of the AccessibilityManagerService.java file, which cou...