CVE-2021-46906

HID: usbhid: fix info leak in hid_submit_ctrl

Description

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. When running the syzkaller reproducer, a report of size 0 causes hid_submit_ctrl) to calculate transfer_buffer_length as 16384. When this urb is passed to the usb core layer, KMSAN reports an info leak of 16384 bytes. To fix this, first modify hid_report_len() to account for the zero report size case by using DIV_ROUND_UP for the division. Then, call it from hid_submit_ctrl().

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/c5d3c142f2d57d40c55e65d5622d319125a45366 patch
https://git.kernel.org/stable/c/41b1e71a2c57366b08dcca1a28b0d45ca69429ce patch
https://git.kernel.org/stable/c/8c064eece9a51856f3f275104520c7e3017fc5c0 patch
https://git.kernel.org/stable/c/0e280502be1b003c3483ae03fc60dea554fcfa82 patch
https://git.kernel.org/stable/c/7f5a4b24cdbd7372770a02f23e347d7d9a9ac8f1 patch
https://git.kernel.org/stable/c/b1e3596416d74ce95cc0b7b38472329a3818f8a9 patch
https://git.kernel.org/stable/c/21883bff0fd854e07429a773ff18f1e9658f50e8 patch
https://git.kernel.org/stable/c/6be388f4a35d2ce5ef7dbf635a8964a5da7f799f patch

Frequently Asked Questions

What is the severity of CVE-2021-46906?
CVE-2021-46906 has been scored as a medium severity vulnerability.
How to fix CVE-2021-46906?
To fix CVE-2021-46906, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-46906 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-46906 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-46906?
CVE-2021-46906 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.