kernel is vulnerable to out-of-bounds write. An out-of-bounds write flaw was found in the Linux kernels HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address. It affects drivers/hid/hid-axff.c, drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c, drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c, drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c, drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c, drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c, drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c.
www.openwall.com/lists/oss-security/2019/12/03/4
access.redhat.com/errata/RHSA-2021:0857
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1781821
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d9d4b1e46d9543a82c23f6df03f4ad697dab361b
usn.ubuntu.com/4226-1/