128 matches found
SUSE CVE-2023-53454
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
CVE-2023-53454
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
UBUNTU-CVE-2023-53454
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
CVE-2023-53454
CVE-2023-53454 - Linux kernel HID multitouch fix : The issue arises from using the input_dev name in a devm-allocated string, which can cause a use-after-free when input_dev is unregistered and a uevent referencing the name fires. The patch changes the reference to the HID device for devm allocat...
CVE-2023-53454 HID: multitouch: Correct devm device reference for hidinput input_dev name
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
CVE-2023-53454 HID: multitouch: Correct devm device reference for hidinput input_dev name
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...
SUSE CVE-2025-39806
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
Linux Distros Unpatched Vulnerability : CVE-2025-39806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in repor...
CVE-2025-39806
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
DEBIAN-CVE-2025-39806
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
AZL-74700 CVE-2025-39806 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
UBUNTU-CVE-2025-39806
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
CVE-2025-39806 HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...
CVE-2025-39806
CVE-2025-39806 refers to a slab-out-of-bounds access in the Linux kernel HID multitouch path, specifically in mt_report_fixup(). An attacker could trigger this when a HID report descriptor is smaller than 607 bytes; mt_report_fixup() patches at offset 607 without validating descriptor length, lea...
Linux Distros Unpatched Vulnerability : CVE-2016-10894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to and thus control various programs such as...
Linux Distros Unpatched Vulnerability : CVE-2020-0465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: HID: Multitouch – Added a NULL check in mtinputconfigured. The devmkasprintf function may return a NULL pointer if it fails, but this returned value in mtinputconfigured is not checked. A NULL check should be added in...
CVE-2016-10894
xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to and thus control various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks by depressing the touchpad once and th...