Home > Vulnerability Database > WS-2021-0441

Mend Vulnerability Database

WS-2021-0441

Good to know:

Date: November 29, 2021

In Linux/Kernel in versions v2.6.11-tree to v4.4.285, v4.5-rc1 to v4.9.284, v4.10-rc1 to v4.14.248, v4.15-rc1 to v4.19.208, v5.0-rc1 t0 v5.4.150, v5.5-rc1 to v5.10.70, v5.10-rc1 to v5.14. Is vulnerable to free raw_report buffers in usbhid_stop in drivers/hid/usbhid/hid-core.c

Language: C

Severity Score

5.1

Related Resources (2)

Url: https://github.com/gregkh/linux/commit/2b704864c92dcec2b295f276fcfbfb81d9831f81

Url: https://www.mend.io/vulnerability-database/WS-2021-0441

Severity Score

5.1

Weakness Type (CWE)

Buffer Over-read

CWE-126

Top Fix

Upgrade Version

Upgrade to version Linux/Kernel - v4.4.286, v4.9.285, v4.14.249, v4.19.209, v5.4.151, v5.10.71, v5.14.10

Learn More

CVSS v3.1

Base Score:	5.1
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend Vulnerability Database

We found results for “”

WS-2021-0441

Good to know:

Date: November 29, 2021

Language: C

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?