{"id":"CVE-2024-50302","summary":"HID: core: zero-initialize the report buffer","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.","aliases":["A-380395346","ASB-A-380395346"],"modified":"2026-04-02T12:21:23.368917Z","published":"2024-11-19T01:30:51.300Z","related":["ALSA-2025:2473","ALSA-2025:2474","ALSA-2025:2627","SUSE-SU-2024:4313-1","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4317-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4345-1","SUSE-SU-2024:4346-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4367-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2024:4388-1","SUSE-SU-2025:0035-1","SUSE-SU-2025:0885-1","SUSE-SU-2025:0886-1","SUSE-SU-2025:0888-1","SUSE-SU-2025:0892-1","SUSE-SU-2025:0893-1","SUSE-SU-2025:0896-1","SUSE-SU-2025:0897-1","SUSE-SU-2025:0898-1","SUSE-SU-2025:0903-1","SUSE-SU-2025:0904-1","SUSE-SU-2025:0906-1","SUSE-SU-2025:0907-1","SUSE-SU-2025:0908-1","SUSE-SU-2025:0911-1","SUSE-SU-2025:0916-1","SUSE-SU-2025:0917-1","SUSE-SU-2025:0919-1","SUSE-SU-2025:0920-1","SUSE-SU-2025:0922-1","SUSE-SU-2025:0924-1","SUSE-SU-2025:0927-1","SUSE-SU-2025:0929-1","SUSE-SU-2025:0942-1","SUSE-SU-2025:0943-1","SUSE-SU-2025:0944-1","SUSE-SU-2025:0946-1","SUSE-SU-2025:0950-1","SUSE-SU-2025:0952-1","SUSE-SU-2025:0961-1","SUSE-SU-2025:0962-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20186-1","SUSE-SU-2025:20188-1","SUSE-SU-2025:20189-1","SUSE-SU-2025:20191-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","SUSE-SU-2025:20285-1","SUSE-SU-2025:4123-1","USN-7276-1","USN-7277-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50302.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50302.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50302"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"27ce405039bfe6d3f4143415c638f56a3df77dca"},{"fixed":"e7ea60184e1e88a3c9e437b3265cbb6439aa7e26"},{"fixed":"3f9e88f2672c4635960570ee9741778d4135ecf5"},{"fixed":"d7dc68d82ab3fcfc3f65322465da3d7031d4ab46"},{"fixed":"05ade5d4337867929e7ef664e7ac8e0c734f1aaf"},{"fixed":"1884ab3d22536a5c14b17c78c2ce76d1734e8b0b"},{"fixed":"9d9f5c75c0c7f31766ec27d90f7a6ac673193191"},{"fixed":"492015e6249fbcd42138b49de3c588d826dd9648"},{"fixed":"177f25d1292c7e16e1199b39c85480f7f8815552"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7"},{"last_affected":"fe6c9b48ebc920ff21c10c50ab2729440c734254"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50302.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}