In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device must have an input report but some malicious devices violate this assumption. So this patch checks hid_device’s input is non empty before it’s been used.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.14.12-1 | linux_5.14.12-1_all.deb |
Debian | 11 | all | linux | < 5.10.84-1 | linux_5.10.84-1_all.deb |
Debian | 999 | all | linux | < 5.14.12-1 | linux_5.14.12-1_all.deb |
Debian | 13 | all | linux | < 5.14.12-1 | linux_5.14.12-1_all.deb |