Описание
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
Отчет
For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Will not fix | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2021:4088 | 02.11.2021 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2021:4056 | 02.11.2021 |
| Red Hat Enterprise Linux 8 | kpatch-patch | Fixed | RHSA-2021:4122 | 03.11.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kernel-rt | Fixed | RHSA-2021:3445 | 07.09.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | kpatch-patch | Fixed | RHSA-2021:3443 | 07.09.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
In __hidinput_change_resolution_multipliers of hid-input.c, there is a ...
Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP1)
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
EPSS
7.8 High
CVSS3