CVE-2019-13631

CVSS v3.0 6.8 (Medium)

CVSS v2.0 4.6 (Medium)

EPSS 0.31 % (70^th)

Affected Products 1

Advisories 48

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

Weaknesses

CWE-787: Out-of-bounds Write

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-07-17 19:15:11
(5 years ago)
Updated Date: 2023-11-07 03:03:52
(10 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel 5.2.1 and prior versions	cpe:2.3:o:linux:linux_kernel		<= 5.2.1