CVE-2013-2893
Description
The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device, related to (1) drivers/hid/hid-lgff.c, (2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.068
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux hardware enablement kernel from Quantal (USN-2019-1) linux-image-3.5.0-43-generic_3.5.0-43.66~precise1_i386.deb | Linux |
| Linux hardware enablement kernel from Quantal (USN-2019-1) linux-image-3.5.0-43-generic_3.5.0-43.66~precise1_amd64.deb | Linux |
| Linux hardware enablement kernel from Raring (USN-2020-1) linux-image-3.8.0-33-generic_3.8.0-33.48~precise1_i386.deb | Linux |
| Linux hardware enablement kernel from Raring (USN-2020-1) linux-image-3.8.0-33-generic_3.8.0-33.48~precise1_amd64.deb | Linux |
| Dtrace-modules-3.8.13-26.el6uek update (ELSA-2014-3002) dtrace-modules-3.8.13-26.el6uek-0.4.2-3.el6.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234