CVE-2019-13631

MEDIUM Year: 2019
CVSS v3 Score
6.8
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

Related Vulnerabilities

CVE-2017-18697

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18698

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6100 before 1.0.1.20, R7800 before 1.0.2.40, and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18699

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40 and R9000 before 1.0.2.52.

CWE-7872017

CVE-2017-18759

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017

CVE-2017-18761

MEDIUM
CVSS:6.8(Medium)

NETGEAR R8000 devices before 1.0.4.2 are affected by a stack-based buffer overflow by an authenticated user.

CWE-7872017

CVE-2017-18865

MEDIUM
CVSS:6.8(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8300 before 1.0.2.104 and R8500 before 1.0.2.104.

CWE-7872017