A flaw found in the Linux Kernel. The missing check causes a type confusion when issuing a list_entry() on an empty report_list. The problem is caused by the assumption that the device must have valid report_list. While this will be true for all normal HID devices, a suitably malicious device can violate the assumption. References: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=b12fece4c64857e5fab4290bf01b2e0317a88456 https://www.openwall.com/lists/oss-security/2023/01/17/3
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2173404]
This was fixed for Fedora with the 6.1.9 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6583
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:6901
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2023:7077
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0412
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:0575 https://access.redhat.com/errata/RHSA-2024:0575
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0881 https://access.redhat.com/errata/RHSA-2024:0881
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0897 https://access.redhat.com/errata/RHSA-2024:0897