ASB-A-380395346

See a problem?

Import Source

https://storage.googleapis.com/android-osv-test/ASB-A-380395346.json

JSON Data

https://api.test.osv.dev/v1/vulns/ASB-A-380395346

Aliases

A-380395346
CVE-2024-50302

Published

2025-03-01T00:00:00Z

Modified

2025-08-06T16:29:06.385449Z

Summary

[none]

Details

In hidallocreport_buf of hid-core.c, there is a possible leak of kernel memory contents to a USB HID due to uninitialized data. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / :linux_kernel:

Package

Name: :linux_kernel:

Affected ranges

Type: ECOSYSTEM
Events: Introduced

:0

Fixed

:2025-03-05

Affected versions

Other

Kernel

Ecosystem specific

{
    "spl": "2025-03-05",
    "severity": "High",
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-380395346-3901e556",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "truncated_path_level": 1.0,
                "file": "drivers/hid/hid-core.c"
            },
            "digest": {
                "line_hashes": [
                    "34146452410896192640336443398141344634",
                    "251583030241243130293964163897364329673",
                    "72787353270723265437437250306612495838",
                    "116944651357710373045126723328057298352"
                ],
                "threshold": 0.9
            },
            "source": "https://partner-android.googlesource.com/kernel/common/+/853ec04e2de45ae6d1fc9476ce52d06582ad87ed"
        },
        {
            "id": "ASB-A-380395346-7f3bad0b",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "truncated_path_level": 1.0,
                "file": "drivers/hid/hid-core.c"
            },
            "digest": {
                "line_hashes": [
                    "34146452410896192640336443398141344634",
                    "251583030241243130293964163897364329673",
                    "72787353270723265437437250306612495838",
                    "116944651357710373045126723328057298352"
                ],
                "threshold": 0.9
            },
            "source": "https://partner-android.googlesource.com/kernel/common/+/f02dd268a08d4e7ec09ec0ddd2a861ab5a51a0ae"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/kernel/common/+/f02dd268a08d4e7ec09ec0ddd2a861ab5a51a0ae",
        "https://android.googlesource.com/kernel/common/+/853ec04e2de45ae6d1fc9476ce52d06582ad87ed"
    ]
}