Vulnerability Database

311,378

Total vulnerabilities in the database

CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved:

HID: core: zero-initialize the report buffer

Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.

  • Published: Nov 19, 2024
  • Updated: Nov 4, 2025
  • CVE: CVE-2024-50302
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

Software From Fixed in
linux / linux_kernel 6.12-rc1 6.12-rc1.x
linux / linux_kernel 6.12-rc2 6.12-rc2.x
linux / linux_kernel 6.12-rc4 6.12-rc4.x
linux / linux_kernel 6.12-rc3 6.12-rc3.x
linux / linux_kernel 6.12-rc5 6.12-rc5.x
linux / linux_kernel 5.11 5.15.172
linux / linux_kernel 6.12-rc6 6.12-rc6.x
linux / linux_kernel 6.7 6.11.8
linux / linux_kernel 6.2 6.6.61
linux / linux_kernel 5.16 6.1.117
linux / linux_kernel 5.5 5.10.230
linux / linux_kernel 4.20 5.4.286
linux / linux_kernel 3.12 4.19.324
debian / debian_linux 11.0 11.0.x