CVE - CVE-2024-50302

CVE-ID
CVE-2024-50302	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf URL:https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf MISC:https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552 URL:https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552 MISC:https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b URL:https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b MISC:https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5 URL:https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5 MISC:https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648 URL:https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648 MISC:https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191 URL:https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191 MISC:https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46 URL:https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46 MISC:https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26 URL:https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26
Assigning CNA
kernel.org
Date Record Created
20241021	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241021)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.