CVE-2024-50302

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

HID: core: zero-initialize the report buffer

Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

EPSS Score⁠: 0.01435 (0.803)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-908⁠

Use of Uninitialized Resource

ADVISORY - redhat

CWE-908⁠

Use of Uninitialized Resource

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.