Out-of-Bounds Write Vulnerability in Linux Kernel HID Report Generation

Out-of-Bounds Write Vulnerability in Linux Kernel HID Report Generation

CVE-2019-13631 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.