Bug 1974491 (CVE-2021-0512)
| Summary: | CVE-2021-0512 kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, asavkov, bhu, blc, brdeoliv, bskeggs, chwhite, crwood, dblechte, dfediuck, dhoward, dvlasenk, eedri, fhrbata, fpacheco, hdegoede, hkrzesin, jarod, jarodwilson, jeremy, jforbes, jglisse, jlelli, joe.lawrence, jonathan, josef, jpoimboe, jshortt, jstancek, jthierry, jwboyer, kcarcia, kernel-maint, kernel-mgr, kpatch-maint, lgoncalv, linville, masami256, mchehab, mgoldboi, michal.skrivanek, mlangsdo, nmurray, nobody, ptalbert, qzhao, rhandlin, rvrbovsk, sbonazzo, sherold, steved, walters, wcosta, williams, ycote, yturgema |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Linux kernel 5.12-rc1 | Doc Type: | If docs needed, set a value |
| Doc Text: | An out-of-bounds memory write flaw was found in the Linux kernel HID subsystem in the way a user attaches a USB or other HID device that generates incorrect data inside a HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system. | Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-09-07 20:33:21 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1978234, 1978235, 1978237, 1978239, 1974492, 1974934, 1974935, 1974936, 1974938, 1974939, 1974940, 1974941, 1974942, 1974943, 1974944, 1974945, 1974946, 1974947, 1974948, 1975124, 1979026, 1979027, 1979028, 1979029, 2003056 | ||
| Bug Blocks: | 1974493 | ||
|
Description
Guilherme de Almeida Suckevicz
2021-06-21 20:07:15 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1974492]

This was fixed for Fedora with the 5.10.19 stable kernel updates.

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.2 Extended Update Support
Via RHSA-2021:3443 https://access.redhat.com/errata/RHSA-2021:3443

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.2 Extended Update Support
Via RHSA-2021:3445 https://access.redhat.com/errata/RHSA-2021:3445

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8.2 Extended Update Support
Via RHSA-2021:3446 https://access.redhat.com/errata/RHSA-2021:3446

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2021-0512

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:4056 https://access.redhat.com/errata/RHSA-2021:4056

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:4088 https://access.redhat.com/errata/RHSA-2021:4088

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2021:4122 https://access.redhat.com/errata/RHSA-2021:4122

This issue has been addressed in the following products:
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
Via RHSA-2021:4750 https://access.redhat.com/errata/RHSA-2021:4750