In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.

Affected Package

OS OS Version Package Name Package Version
ubuntu upstream linux-hwe-5.8 5.4~rc6
ubuntu upstream linux-gke-5.4 5.4~rc6
ubuntu upstream linux-gkeop-5.4 5.4~rc6
ubuntu 19.04 linux 5.0.0-38.41
ubuntu 19.10 linux 5.3.0-24.26
ubuntu 14.04 linux any
ubuntu upstream linux 5.4~rc6
ubuntu 16.04 linux 4.4.0-170.199
ubuntu 19.04 linux-aws 5.0.0-1023.26
ubuntu 19.10 linux-aws 5.3.0-1008.9
ubuntu 14.04 linux-aws 4.4.0-1059.63)available with ubuntu pro or ubuntu pro (infra-only
ubuntu upstream linux-aws 5.4~rc6
ubuntu 16.04 linux-aws 4.4.0-1099.110
ubuntu upstream linux-aws-5.0 5.4~rc6
ubuntu upstream linux-aws-5.3 5.4~rc6
ubuntu upstream linux-aws-5.4 5.4~rc6
ubuntu upstream linux-aws-hwe 5.4~rc6
ubuntu 16.04 linux-aws-hwe 4.15.0-1056.58~16.04.1
ubuntu 19.04 linux-azure 5.0.0-1028.30
ubuntu 19.10 linux-azure 5.3.0-1008.9
ubuntu 14.04 linux-azure 4.15.0-1064.69~14.04.1)available with ubuntu pro or ubuntu pro (infra-only
ubuntu upstream linux-azure 5.4~rc6
ubuntu 16.04 linux-azure 4.15.0-1064.69
ubuntu upstream linux-azure-4.15 5.4~rc6
ubuntu upstream linux-azure-5.3 5.4~rc6
ubuntu upstream linux-azure-5.4 5.4~rc6
ubuntu upstream linux-azure-edge 5.4~rc6
ubuntu upstream linux-dell300x 5.4~rc6
ubuntu 19.04 linux-gcp 5.0.0-1028.29
ubuntu 19.10 linux-gcp 5.3.0-1009.10
ubuntu upstream linux-gcp 5.4~rc6
ubuntu 16.04 linux-gcp 4.15.0-1050.53
ubuntu upstream linux-gcp-4.15 5.4~rc6
ubuntu upstream linux-gcp-5.3 5.4~rc6
ubuntu upstream linux-gcp-5.4 5.4~rc6
ubuntu upstream linux-gcp-edge 5.4~rc6
ubuntu upstream linux-gke-4.15 5.4~rc6
ubuntu upstream linux-gke-5.0 5.4~rc6
ubuntu upstream linux-gke-5.3 5.4~rc6
ubuntu upstream linux-gkeop 5.4~rc6
ubuntu upstream linux-hwe 5.4~rc6
ubuntu 16.04 linux-hwe 4.15.0-72.81~16.04.1
ubuntu upstream linux-hwe-5.4 5.4~rc6
ubuntu upstream linux-hwe-edge 5.4~rc6
ubuntu 16.04 linux-hwe-edge any
ubuntu 19.04 linux-kvm 5.0.0-1024.26
ubuntu 19.10 linux-kvm 5.3.0-1008.9
ubuntu upstream linux-kvm 5.4~rc6
ubuntu 16.04 linux-kvm 4.4.0-1063.70
ubuntu upstream linux-lts-trusty 5.4~rc6
ubuntu 14.04 linux-lts-xenial 4.4.0-170.199~14.04.1)available with ubuntu pro or ubuntu pro (infra-only
ubuntu upstream linux-lts-xenial 5.4~rc6
ubuntu 19.10 linux-oem 4.15.0-1065.75
ubuntu upstream linux-oem 5.4~rc6
ubuntu 16.04 linux-oem any
ubuntu upstream linux-oem-5.10 5.4~rc6
ubuntu upstream linux-oem-5.6 5.4~rc6
ubuntu 19.10 linux-oem-osp1 5.0.0-1033.38
ubuntu upstream linux-oem-osp1 5.4~rc6
ubuntu 19.04 linux-oracle 5.0.0-1009.14
ubuntu 19.10 linux-oracle 5.3.0-1007.8
ubuntu upstream linux-oracle 5.4~rc6
ubuntu 16.04 linux-oracle 4.15.0-1030.33~16.04.1
ubuntu upstream linux-oracle-5.0 5.4~rc6
ubuntu upstream linux-oracle-5.3 5.4~rc6
ubuntu upstream linux-oracle-5.4 5.4~rc6
ubuntu upstream linux-raspi 5.4~rc6
ubuntu upstream linux-raspi-5.4 5.4~rc6
ubuntu 19.04 linux-raspi2 5.0.0-1024.25
ubuntu 19.10 linux-raspi2 5.3.0-1014.16
ubuntu 20.04 linux-raspi2 any
ubuntu upstream linux-raspi2 5.4~rc6
ubuntu 16.04 linux-raspi2 4.4.0-1126.135
ubuntu upstream linux-raspi2-5.3 5.4~rc6
ubuntu upstream linux-riscv 5.4~rc6
ubuntu upstream linux-snapdragon 5.4~rc6
ubuntu 16.04 linux-snapdragon 4.4.0-1130.138