2 matches found
CVE-2023-5717
CVE-2023-5717 describes a heap out-of-bounds write in the Linux kernel’s perf subsystem (Perf events) caused by improper handling of event groups. When perf_read_group() runs and an event’s sibling_list is smaller than its child’s, memory writes can occur outside the allocated buffer, enabling lo...
CVE-2025-38103
CVE-2025-38103 relates to the Linux kernel HID path (usbhid). The issue, described in connected sources, is an out-of-bounds bug in usbhid_parse() that could arise from HID descriptor handling. The fix updates the HID descriptor struct to align with USB HID 1.11 (reflecting mandatory vs. optional...