HID Core Vulnerability in Linux Kernel Affecting Generic Input Devices
CVE-2024-57986

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2024-57986?

A vulnerability exists in the HID core of the Linux kernel related to the handling of Resolution Multipliers. An oversight in the hid_apply_multiplier function, which assumes that every Resolution Multiplier control is contained within a Logical Collection, poses significant risks. If no Logical Collection is defined, the code fails to adequately handle the resolution multiplier, leading to potential exploits. This was identified as part of a 2019 report by the syzbot fuzzer. To mitigate this issue, the core must correctly manage the state of the multiplier_collection pointer when a valid Logical Collection is not found.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5a4abb36f312cf83206b1b7d1308ba47cba0b3cc < 3a002e4029230d9a6be89f869b2328b258612f5c

Linux 5a4abb36f312cf83206b1b7d1308ba47cba0b3cc < 05dd7d10675b540b8b7b31035c0a8abb6e6f3b88

Linux 5a4abb36f312cf83206b1b7d1308ba47cba0b3cc

References

https://git.kernel.org/stable/c/3a002e4029230d9a6be89f869...
https://git.kernel.org/stable/c/05dd7d10675b540b8b7b31035...
https://git.kernel.org/stable/c/a32ea3f982b389ea43a41ce77...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.