CVE-2023-1073

Published: Mar 27, 2023

Modified: Apr 23, 2025

PUBLISHED

Description

A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Vendor	Product	Versions
n/a	kernel	affected `unknown`

Weaknesses (CWE)

CWE-119

References

https://bugzilla.redhat.com/show_bug.cgi?id=2173403

https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456

https://www.openwall.com/lists/osssecurity/2023/01/17/3

[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update

mailing-list

[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update

mailing-list

[oss-security] 20231105 Re: Linux Kernel: hid: type confusions on hid report_list entry

mailing-list

[oss-security] 20231105 Re: Linux Kernel: hid: NULL pointer dereference in hid_betopff_play()

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-1073

Description

Affected Products

Weaknesses (CWE)

References