Updated: 2025-03-10 21:28:28.86102
Description:
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| Added Date | Description | Due Date | Notes |
|---|---|---|---|
| 2025-03-04 | The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report. | 2025-03-25 | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024111908-CVE-2024-50302-f677@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-50302 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Released | CLSA-2025:1743193221 | 2025-03-29 03:46:23 | |
| AlmaLinux 9.6 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Needs Triage | 2025-07-03 10:39:23 | ||
| CentOS 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Released | CLSA-2025:1741624133 | 2025-03-26 03:25:31 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742471200 | 2025-03-21 03:31:14 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742469561 | 2025-03-21 03:31:15 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742472545 | 2025-03-21 03:31:13 | |
| Oracle Linux 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742322442 | 2025-03-19 02:20:23 | |
| RHEL 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Released | CLSA-2025:1750353839 | 2025-06-20 00:27:28 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742319829 | 2025-03-18 23:41:43 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Released | CLSA-2025:1742321198 | 2025-03-19 02:26:51 |