CVE - CVE-2024-39509

CVE-ID
CVE-2024-39509	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() already has a warn message printed out with the help of hid_warn() and value in question gets trimmed with: ... value &= m; ... WARN_ON may be considered superfluous. Remove it to suppress future syzkaller triggers. [1] WARNING: CPU: 0 PID: 5084 at drivers/hid/hid-core.c:1451 implement drivers/hid/hid-core.c:1451 [inline] WARNING: CPU: 0 PID: 5084 at drivers/hid/hid-core.c:1451 hid_output_report+0x548/0x760 drivers/hid/hid-core.c:1863 Modules linked in: CPU: 0 PID: 5084 Comm: syz-executor424 Not tainted 6.9.0-rc7-syzkaller-00183-gcf87f46fd34d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 RIP: 0010:implement drivers/hid/hid-core.c:1451 [inline] RIP: 0010:hid_output_report+0x548/0x760 drivers/hid/hid-core.c:1863 ... Call Trace: <TASK> __usbhid_submit_report drivers/hid/usbhid/hid-core.c:591 [inline] usbhid_submit_report+0x43d/0x9e0 drivers/hid/usbhid/hid-core.c:636 hiddev_ioctl+0x138b/0x1f00 drivers/hid/usbhid/hiddev.c:726 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:904 [inline] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f ...
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/30f76bc468b9b2cbbd5d3eb482661e3e4798893f URL:https://git.kernel.org/stable/c/30f76bc468b9b2cbbd5d3eb482661e3e4798893f MISC:https://git.kernel.org/stable/c/33f6832798dd3297317901cc1db556ac3ae80c24 URL:https://git.kernel.org/stable/c/33f6832798dd3297317901cc1db556ac3ae80c24 MISC:https://git.kernel.org/stable/c/4aa2dcfbad538adf7becd0034a3754e1bd01b2b5 URL:https://git.kernel.org/stable/c/4aa2dcfbad538adf7becd0034a3754e1bd01b2b5 MISC:https://git.kernel.org/stable/c/655c6de2f215b61d0708db6b06305eee9bbfeba2 URL:https://git.kernel.org/stable/c/655c6de2f215b61d0708db6b06305eee9bbfeba2 MISC:https://git.kernel.org/stable/c/8bac61934cd563b073cd30b8cf6d5c758ab5ab26 URL:https://git.kernel.org/stable/c/8bac61934cd563b073cd30b8cf6d5c758ab5ab26 MISC:https://git.kernel.org/stable/c/955b3764671f3f157215194972d9c01a3a4bd316 URL:https://git.kernel.org/stable/c/955b3764671f3f157215194972d9c01a3a4bd316 MISC:https://git.kernel.org/stable/c/bfd546fc7fd76076f81bf41b85b51ceda30949fd URL:https://git.kernel.org/stable/c/bfd546fc7fd76076f81bf41b85b51ceda30949fd MISC:https://git.kernel.org/stable/c/f9db5fbeffb951cac3f0fb1c2eeffb79785399ca URL:https://git.kernel.org/stable/c/f9db5fbeffb951cac3f0fb1c2eeffb79785399ca
Assigning CNA
kernel.org
Date Record Created
20240625	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240625)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)