Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted device that provides an invalid Report ID.
Vector
LOCAL
Complexity
HIGH
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
HP Insight Management Wbem Providers 2.8.0.0
HP Insight Diagnostics 6.5.0 (A) Offline Edition
HP Ignite-UX B.4.0
HP Insight Diagnostics 6.4.1 (A) Offline Edition
HP Insight Control Performance Management 6.2
HP Ignite-UX B.3.8
HP Ignite-UX B.4.2
HP Ignite-UX B.4.1
HP Insight Control Performance Management 5.2.2
HP Ignite-UX B.4.4
HP Insight Diagnostics 7.5.5-1 Online Edition for Linux
HP Insight Diagnostics 7.6.2 Rev. A Offline Edition
HP Insight Diagnostics 7.0.0-30 Online Edition for Linux
HP Ignite-UX B.4.3
HP Insight Diagnostics 7.5.5-1 Online Edition for Linux
HP Insight Diagnostics 7.6.1 Offline Edition
HP Insight Diagnostics 6.4.1 (A) Offline Edition
HP Insight Control Performance Management 6.1
HP Insight Diagnostics 7.7.0-142 Online Edition for Linux
HP Insight Control Performance Management 6.0
HP Ignite-UX B.5.0
HP Insight Diagnostics 7.5.5.1681 Online Edition for Windows 2000
HP Insight Diagnostics 7.7.0 Offline Edition
HP Insight Management Suite
HP Insight Diagnostics 7.5.5.1681 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.7.0.2112 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.5.5.1681 Online Edition for Windows 2000
HP Insight Diagnostics 7.7.0.2112 Online Edition for Windows Server 2003
HP Insight Diagnostics 6.5.0 (A) Offline Edition
HP Insight Diagnostics 7.7.0 Rev. B Offline Edition
HP Insight Diagnostics 7.0.0-30 Online Edition for Linux
HP Insight Diagnostics 7.5.4 Offline Edition
HP Insight Control Server Deployment
HP Insight Management Agents 8.70.0.0
HP Insight Management Agents 8.70.0.0 (B)
HP Insight Management Agents 9.0.0.0
HP Insight Diagnostics 7.5.5.1681 Online Edition for Windows 2003 x64
HP Insight Management Wbem Providers 2.2.1.0
HP Insight Management Wbem Providers 2.3.0.0
HP Insight Management Wbem Providers 2.4.0.0
Linux Linux kernel 3.10.9 (not an official CPE)
Linux Linux kernel 3.10.8 (not an official CPE)
Linux Linux kernel 3.10.7 (not an official CPE)
Linux Linux kernel 3.10.6 (not an official CPE)
Linux Linux kernel 3.10.5 (not an official CPE)
Linux Linux kernel 3.10.4 (not an official CPE)
HP Insight Management Agent 7.70.0.0
HP Insight Management Agents 7.70.0.0
HP Insight Management Agents 7.80.0.0
HP Insight Management Agents 7.51.0.0
HP Insight Management Agents 7.60.0.0
HP Insight Management Agents 7.41.0.0
HP Insight Management Agents 7.95.0.0
HP Insight Management Agents 7.50.0.0
HP Insight Management Agent 7.80.0.0
HP Insight Management Agent 7.90.0.0
HP Insight Management Agents 7.90.0.0
HP Insight Management Agents 7.91.0.0
HP Insight Diagnostics 7.5.4 Offline Edition
HP Insight Diagnostics 7.6.0.1984 Online Edition for Windows 2000
HP Insight Control Performance Management 5.2
HP Insight Diagnostics 6.3.1.887 Offline Edition
HP Insight Management Agents 7.30.0.0
HP Insight Management Agent 8.26.0.0
HP Insight Management Agent 8.70.0.0
HP Insight Management Agents 6.30.0.0
HP Insight Management Agents 7.0.0.0
HP Insight Management Agents 7.10.0.0
HP Insight Management Agents 6.31.0.0 (B)
HP Insight Management Agents 6.40.0.0
HP Insight Management Agents 7.20.0.0
IMC Branch Intelligent Management System Software Module 5.0
HP Imaging Device Functions 10.0
HP Ignite-UX C.7.7.93
HP Ignite-UX C.7.11.439
HP Insight Management Wbem Providers 2.7.0.0
HP Ignite-UX C.6.6
HP Ignite-UX B.5.1
HP Insight Diagnostics 7.5.0.1679 Online Edition for Windows 2003 x64
HP Insight Diagnostics 7.5.0.1679 Online Edition for Windows 2003
HP Ignite-UX C.6.2.241
HP Ignite-UX C.6.3
HP Ignite-UX B.5.3
HP Ignite-UX B.5.2
HP Insight Management Agent 8.50.0.0
HP Ignite-UX C.6.2
HP Insight Management Agent 8.40.0.0
HP Ignite-UX C.6.10
HP Ignite-UX C.6.1
HP Ignite-UX B.5.4
HP Insight Diagnostics 7.5.0-14 Online Edition for Linux
HP Insight Diagnostics 7.5.0.1679 Online Edition for Windows 2000
HP Insight Diagnostics 7.0.0.1198 Online Edition for Windows 2000
HP Insight Diagnostics 7.3.0 Offline Edition
HP iNode Management Center PC 5.1
HP iNode Management Center PC 5.1 E0304
HP Insight Diagnostics 7.4.0.1570 Online Edition for Windows 2003 x64
HP Insight Diagnostics 7.4.0.1570 Online Edition for Windows 2000
HP Insight Diagnostics 7.4.0-11 Online Edition for Linux
HP Insight Diagnostics 7.4.0-11 Online Edition for Linux
HP Insight Diagnostics 7.4.1 Offline Edition
HP Insight Diagnostics 7.4.0.1570 Online Edition for Windows Server 2003
HP Insight Diagnostics 6.3.0.878 Online Edition for Windows 2000
HP Insight Diagnostics 7.4.0.1570 Online Edition for Windows 2000
HP Insight Diagnostics 6.3.0.878 Online Edition for Windows 2003
HP Insight Diagnostics 7.4.0.1570 Online Edition for Windows Server 2003
HP Insight Management Agents 7.40.1.0
HP Insight Diagnostics 7.4.0
Linux Linux kernel 3.10.11 (not an official CPE)
Linux Linux kernel 3.10.12 (not an official CPE)
Linux Linux kernel 3.10.10 (not an official CPE)
HP Insight Control Performance Management 5.0
HP Insight Diagnostics 7.4.1 Offline Edition
HP Insight Diagnostics 7.5.0-14 Online Edition for Linux
HP Insight Management Agents 7.40.0.0
IMC Branch Intelligent Management System Software Module 5.1
IMC Branch Intelligent Management System Software Module 5.2
IMC Branch Intelligent Management System Software Module 7.0
IMC Branch Intelligent Management System Software Module 7.0 E0201P02
HP iMC Service Operation Management Software module
HP Info Center
HP Inkjet 2250 TN
HP iNode Management Center PC 5.0
HP iNode Management Center PC 5.0 E0101
HP Insight Diagnostics 7.9.1.2401 Online Edition for Windows Server 2003
HP Insight Management Agents 8.60.0.0
HP Insight Diagnostics 7.9.1-15 Online Edition for Linux
HP Insight Diagnostics 7.9.1.2401 Online Edition for Windows Server 2003
HP Insight Management Agents 8.50.0.0
HP Insight Management Agents 8.5
HP Insight Diagnostics 7.9.1.2401 Online Edition for Windows Server 2003 x64
HP Insight Diagnostics 9.4.0.4710
HP Insight Diagnostics 7.9.1.2401 Online Edition for Windows Server 2003 x64
HP Insight Diagnostics Online Edition For Windows 7.4.0
HP Insight Management Agents 8.20.0.0
HP Insight Management Agents 8.0.0.0
HP Insight Management Agents 8.40.0.0
HP Insight Diagnostics 7.9.0.2359 Online Edition for Windows Server 2003 x64
HP Insight Management Agents 8.30.0.0
HP Insight Management Agents 8.26.0.0
HP Insight Diagnostics 7.9.0 Rev. A Offline Edition
HP Insight Management Agents 8.22.0.0
HP Insight Diagnostics 7.9.0 Rev. A Offline Edition
HP Insight Diagnostics 7.6.0-23 Online Edition for Linux
HP Insight Diagnostics 7.6.0-23 Online Edition for Linux
HP Insight Diagnostics 7.5.5.1681 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.6.0 Offline Edition
HP Insight Diagnostics 7.6.0 Offline Edition
HP Insight Diagnostics Online Edition For Windows 8.1.1
HP Insight Diagnostics Online Edition For Windows 8.0.0
HP Insight Diagnostics Online Edition For Windows 7.8.0
HP Ignite-UX C.7.2
HP Ignite-UX C.7.11.444
HP Ignite-UX C.7.3.144
HP Ignite-UX C.7.2.93
HP Ignite-UX C.7.4.155
HP Ignite-UX C.7.3.148
HP Ignite-UX C.7.5
HP Ignite-UX C.7.4.157
HP Ignite-UX C.7.6.100
HP Ignite-UX C.7.6.98
HP Ignite-UX C.7.10.474
HP Ignite-UX C.6.9.141
HP Ignite-UX C.6.8
HP Ignite-UX C.6.7
HP Insight Management Agents 8.15.0.0
HP Insight Management Agents 8.11.0.0
HP Ignite-UX C.7.1
HP Insight Management Agents 8.10.0.0
HP Ignite-UX C.7.0.212
HP Insight Management Agents 8.1.0.0
HP Ignite-UX C.7.0
HP Ignite-UX C.6.9.150
HP Ignite-UX C.6.4
HP Ignite-UX C.6.5
HP Ignite-UX C.7.1.92
HP Ignite-UX C.7.10.472
HP Insight Management Agent 8.15.0.0
HP Insight Management Agent 8.20.0.0
HP Insight Management Agent 8.0.0.0
HP Insight Management Agent 8.11.0.0
HP Insight Diagnostics 7.8.0.2257 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.8.0-159 Online Edition for Linux
HP Insight Diagnostics 7.8.0.2257 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.8.0.2257 Online Edition for Windows Server 2003 x64
HP Insight Diagnostics Online Edition For Windows 8.4.0
HP Insight Diagnostics 7.9.0
HP Insight Diagnostics Online Edition For Windows 8.2.5
HP Insight Diagnostics 7.8.0.2257 Online Edition for Windows Server 2003 x64
HP Insight Diagnostics Online Edition For Windows 8.6.0
HP Insight Diagnostics 7.9.0 Offline Edition
HP Insight Diagnostics Online Edition For Windows 8.5.0
HP Insight Diagnostics 7.9.0 Offline Edition
HP Insight Diagnostics 7.9.0.2359 Online Edition for Windows Server 2003
HP Insight Diagnostics Online Edition For Windows 8.7.0
HP Insight Diagnostics 7.9.0-105 Online Edition for Linux
HP Insight Diagnostics 7.3.0 Offline Edition
HP Insight Diagnostics 7.0.2 (A) Offline Edition
HP Insight Diagnostics 6.3.0.878 Online Edition for Windows 2000
HP Insight Diagnostics 6.3.1-1 Online Edition for Linux
HP Insight Diagnostics 6.3.1-1 Online Edition for Linux
HP Insight Diagnostics 7.0.1.1219 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.0.2 (A) Offline Edition
HP Insight Diagnostics 7.0.1.1219 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.0.1.1219 Online Edition for Windows 2000
HP Insight Diagnostics 7.0.1-8 Online Edition for Linux
HP Insight Diagnostics 7.0.1.1219 Online Edition for Windows 2000
HP Insight Diagnostics 7.0.0.1198 Online Edition for Windows 2000
HP Insight Diagnostics 7.0.1-8 Online Edition for Linux
HP Insight Diagnostics 7.9.0.2359 Online Edition for Windows Server 2003 x64
HP Insight Diagnostics 7.7.101 (2097) Offline Edition
HP Insight Management Agent 8.60.0.0
HP Insight Management Agent 8.30.0.0
HP Insight Diagnostics Online Edition For Windows 7.6.0
HP Insight Diagnostics Online Edition For Windows 8.1.5
HP Insight Diagnostics 7.6.0.1984 Online Edition for Windows Server 2003
HP Insight Diagnostics 7.5.2 Offline Edition
HP Insight Diagnostics 7.5.0.1679 Online Edition for Windows 2000
HP Insight Diagnostics 7.5.2 Offline Edition
HP Insight Diagnostics 7.6.0.1984 Online Edition for Windows 2000
HP Insight Diagnostics 7.6.0.1984 Online Edition for Windows 2003 x64
HP Imaging Device Functions 11.6
HP Imaging Device Functions 12.0
HP Insight Diagnostics 6.0.0 (A) Offline Edition
HP Imaging Device Functions 7.0
HP Insight Diagnostics 6.0.0 (A) Offline Edition
HP Imaging Device Functions 8.0
HP Insight Diagnostics 6.2.1 (A) Offline Edition
HP Imaging Device Functions 9.0
HP Insight Diagnostics 6.2.1 (A) Offline Edition
IMC Branch Intelligent Management System Software Module
HP Imaging Device Functions 13.0
HP Imaging Device Functions 14.0
HP Insight Control Performance Management 6.3
HP Imaging Device Functions 5.3
HP Imaging Device Functions 6.0
HP Insight Diagnostics 6.3.0-15 Online Edition for Linux
Linux Linux kernel 3.11 (not an official CPE)
HP Insight Diagnostics 6.3.0-15 Online Edition for Linux
HP Ignite-UX C.7.7.98
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.5.0.0 (x64) 64-bit
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.5.0.0
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.4.0.0 (x64) 64-bit
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.4.0.0
HP Image Zone 5.3
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.3.0.0 (x64) 64-bit
HP Image Zone Express 1.5.1.29
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.3.0.0
HP Image Zone 4.5
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.2.1.0 (x64) 64-bit
HP Image Zone 4.7
HP Insight Management Wbem Providers For Windows Server 2003/2008 2.2.1.0
HP Ignite-UX C.7.9.260
HP Insight Management Wbem Providers 2.6.0.0
HP Ignite-UX C.7.9.261
HP Insight Management Wbem Providers 2.5.0.0
HP Ignite-UX C.7.8
HP Ignite-UX C.7.9.254
HP Imaging Barcode Scanner BW868AA
Improper Input Validation (ID 20)
Related CAPEC 58
Buffer Overflow via Environment Variables (CAPEC-ID 10)
Server Side Include (SSI) Injection (CAPEC-ID 101)
Cross Zone Scripting (CAPEC-ID 104)
Cross Site Scripting through Log Files (CAPEC-ID 106)
Command Line Execution through SQL Injection (CAPEC-ID 108)
Object Relational Mapping Injection (CAPEC-ID 109)
SQL Injection through SOAP Parameter Tampering (CAPEC-ID 110)
Subverting Environment Variable Values (CAPEC-ID 13)
Format String Injection (CAPEC-ID 135)
LDAP Injection (CAPEC-ID 136)
Relative Path Traversal (CAPEC-ID 139)
Client-side Injection-induced Buffer Overflow (CAPEC-ID 14)
Variable Manipulation (CAPEC-ID 171)
Embedding Scripts in Non-Script Elements (CAPEC-ID 18)
Flash Injection (CAPEC-ID 182)
Cross-Site Scripting Using Alternate Syntax (CAPEC-ID 199)
Exploiting Trust in Client (aka Make the Client Invisible) (CAPEC-ID 22)
XML Nested Payloads (CAPEC-ID 230)
XML Oversized Payloads (CAPEC-ID 231)
Filter Failure through Buffer Overflow (CAPEC-ID 24)
Cross-Site Scripting via Encoded URI Schemes (CAPEC-ID 244)
XML Injection (CAPEC-ID 250)
Environment Variable Manipulation (CAPEC-ID 264)
Global variable manipulation (CAPEC-ID 265)
Leverage Alternate Encoding (CAPEC-ID 267)
Fuzzing (CAPEC-ID 28)
Using Leading 'Ghost' Character Sequences to Bypass Input Filters (CAPEC-ID 3)
Accessing/Intercepting/Modifying HTTP Cookies (CAPEC-ID 31)
Embedding Scripts in HTTP Query Strings (CAPEC-ID 32)
MIME Conversion (CAPEC-ID 42)
Exploiting Multiple Input Interpretation Layers (CAPEC-ID 43)
Buffer Overflow via Symbolic Links (CAPEC-ID 45)
Overflow Variables and Tags (CAPEC-ID 46)
Buffer Overflow via Parameter Expansion (CAPEC-ID 47)
Signature Spoof (CAPEC-ID 473)
XML Client-Side Attack (CAPEC-ID 484)
Embedding NULL Bytes (CAPEC-ID 52)
Postfix, Null Terminate, and Backslash (CAPEC-ID 53)
Simple Script Injection (CAPEC-ID 63)
Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64)
SQL Injection (CAPEC-ID 66)
String Format Overflow in syslog() (CAPEC-ID 67)
Blind SQL Injection (CAPEC-ID 7)
Using Unicode Encoding to Bypass Validation Logic (CAPEC-ID 71)
URL Encoding (CAPEC-ID 72)
User-Controlled Filename (CAPEC-ID 73)
Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78)
Using Slashes in Alternate Encoding (CAPEC-ID 79)
Buffer Overflow in an API Call (CAPEC-ID 8)
Using UTF-8 Encoding to Bypass Validation Logic (CAPEC-ID 80)
Web Logs Tampering (CAPEC-ID 81)
XPath Injection (CAPEC-ID 83)
AJAX Fingerprinting (CAPEC-ID 85)
Embedding Script (XSS) in HTTP Headers (CAPEC-ID 86)
OS Command Injection (CAPEC-ID 88)
Buffer Overflow in Local Command-Line Utilities (CAPEC-ID 9)
XSS in IMG Tags (CAPEC-ID 91)
XML Parser Attack (CAPEC-ID 99)