vulnerability

Huawei EulerOS: CVE-2021-46906: kernel security update

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
02/26/2024
Added
07/17/2024
Modified
01/30/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: usbhid: fix info leak in hid_submit_ctrl

In hid_submit_ctrl(), the way of calculating the report length doesn't
take into account that report->size can be zero. When running the
syzkaller reproducer, a report of size 0 causes hid_submit_ctrl) to
calculate transfer_buffer_length as 16384. When this urb is passed to
the usb core layer, KMSAN reports an info leak of 16384 bytes.

To fix this, first modify hid_report_len() to account for the zero
report size case by using DIV_ROUND_UP for the division. Then, call it
from hid_submit_ctrl().

Solution(s)

huawei-euleros-2_0_sp9-upgrade-kernelhuawei-euleros-2_0_sp9-upgrade-kernel-toolshuawei-euleros-2_0_sp9-upgrade-kernel-tools-libshuawei-euleros-2_0_sp9-upgrade-python3-perf
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.