Updated: 2023-11-24

CWE: Out-of-bounds Read


The hid_input_field function in drivers/hid/hid-core.c in the Linux kernel before 4.6 allows physically proximate attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) by connecting a device, as demonstrated by a Logitech DJ receiver.

CVSS3: 5.5

Vendor State

OS Vendor version Errata
No entries found

KernelCare State

OS Original kernel version State
Endurance 6 elrepo
Ready For Release
Endurance 7 eig 3.10
Ready For Release
Debian 10 cloud
Will Not Fix
Debian 9 backports
Will Not Fix
Ubuntu 16.04 (FIPS)
Will Not Fix
OEL 7 Dell
Ready For Release
Debian 8
3.16.7-ckt9-3~deb8u1 show all hide all
3.16.7-ckt11-1+deb8u2 3.16.7-ckt20-1+deb8u2 3.16.7-ckt11-1+deb8u3 3.16.7-ckt20-1+deb8u4 3.16.7-ckt25-2+deb8u2 3.16.36-1+deb8u2 3.16.7-ckt25-1 3.16.7-ckt11-1+deb8u4 3.16.7-ckt25-2 3.16.7-ckt11-1+deb8u5 3.16.7-ckt20-1+deb8u3 3.16.7-ckt11-1+deb8u6 3.16.7-ckt11-1+deb8u1 3.16.7-ckt25-2+deb8u1 3.16.7-ckt25-2+deb8u3 3.16.7-ckt11-1 3.16.36-1+deb8u1 3.16.7-ckt20-1+deb8u1