In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.
android.googlesource.com/kernel/common/+/5a72ef56c876d5f0dadd8eb3b682814ec32422e4
android.googlesource.com/kernel/common/+/7320fb1abd44b68bbeeb6ad6eb828899ab6b617e
android.googlesource.com/kernel/common/+/7b8a19b91787b8e30d50e4e9e2d7b50a950003a9
android.googlesource.com/kernel/common/+/8219b106a380a282d6c6cdbd01d7eda8187e89b9
android.googlesource.com/kernel/common/+/a4909c90b75df36c04c3ec0f3081e6609ead4730
android.googlesource.com/kernel/common/+/ddea17081f80af8ec1c9247f9b88579530e873ea
android.googlesource.com/kernel/common/+/e98c96b8b8a5a7a97a0c1ae75638b362b16f0187
source.android.com/security/bulletin/2022-06-01