CVE-2013-2897 Information

Feb 14, 2021 cve

Description

Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 when CONFIG_HID_MULTITOUCH is enabled allow physically proximate attackers to cause a denial of service (heap memory corruption or NULL pointer dereference and OOPS) via a crafted device.

Reference

http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://marc.info/?l=linux-input&m=137772190214635&w=1 http://openwall.com/lists/oss-security/2013/08/28/13 http://www.securityfocus.com/bid/62044 http://www.ubuntu.com/usn/USN-2015-1 http://www.ubuntu.com/usn/USN-2016-1 http://www.ubuntu.com/usn/USN-2019-1 http://www.ubuntu.com/usn/USN-2020-1 http://www.ubuntu.com/usn/USN-2021-1 http://www.ubuntu.com/usn/USN-2022-1 http://www.ubuntu.com/usn/USN-2023-1 http://www.ubuntu.com/usn/USN-2024-1 http://www.ubuntu.com/usn/USN-2038-1 http://www.ubuntu.com/usn/USN-2039-1 http://www.ubuntu.com/usn/USN-2050-1 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54

Share on: