CVE-2023-54207
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
HID: uclogic: Correct devm device reference for hidinput input_dev name
Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management.
Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < f78bb490b16ecb506d4904be4b00bf9aad6588f9 | affected |
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < 51f49e3927ad545cec0c0afb86856ccacd9f085d | affected |
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < f283805d984343b2f216e2f4c6c7af265b9542ae | affected |
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < 4c2707dfee5847dc0b5ecfbe512c29c93832fdc4 | affected |
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < 58f0d1c0e494a88f301bf455da7df4366f179bbb | affected |
| Linux | Linux | cce2dbdf258e6b27b2b100f511531edabb77f427 < dd613a4e45f8d35f49a63a2064e5308fa5619e29 | affected |
| Linux | Linux | 4.1 | affected |
| Linux | Linux | 0 < 4.1 | unaffected |
| Linux | Linux | 5.10.249 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.199 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.53 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.16 <= 6.4.* | unaffected |
| Linux | Linux | 6.5.3 <= 6.5.* | unaffected |
| Linux | Linux | 6.6 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/f78bb490b16ecb506d4904be4b00bf9aad6588f9
- https://git.kernel.org/stable/c/51f49e3927ad545cec0c0afb86856ccacd9f085d
- https://git.kernel.org/stable/c/f283805d984343b2f216e2f4c6c7af265b9542ae
- https://git.kernel.org/stable/c/4c2707dfee5847dc0b5ecfbe512c29c93832fdc4
- https://git.kernel.org/stable/c/58f0d1c0e494a88f301bf455da7df4366f179bbb
- https://git.kernel.org/stable/c/dd613a4e45f8d35f49a63a2064e5308fa5619e29
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.