HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup
CVE-2024-46747

7.1HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2024

What is CVE-2024-46747?

A vulnerability has been identified in the Linux kernel involving the Cougar 500k Gaming Keyboard, where the 'report_fixup' function failed to properly validate the size of report descriptors before accessing them. This oversight can lead to a slab-out-of-bounds read, potentially exposing sensitive data and impacting system integrity. Users of the affected keyboards are advised to apply the latest updates from the vendor to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux b8e759b8f6dab1c473c30ac12709095d0b81078e

Linux b8e759b8f6dab1c473c30ac12709095d0b81078e < 34185de73d74fdc90e8651cfc472bfea6073a13f

References

https://git.kernel.org/stable/c/e239e44dcd419b13cf840e2a3...

https://git.kernel.org/stable/c/fac3cb3c6428afe2207593a18...

https://git.kernel.org/stable/c/34185de73d74fdc90e8651cfc...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2024
Vulnerability Reserved
Sep 11, 2024

JSON

Linux