CVE-2024-50302

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

HID: core: zero-initialize the report buffer

Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

EPSS Score⁠: 0.00298 (0.527)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-908⁠

Use of Uninitialized Resource

ADVISORY - redhat

CWE-665⁠

Improper Initialization

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.