{"api_version":"1","generated_at":"2026-05-12T20:58:09+00:00","cve":"CVE-2024-50302","urls":{"html":"https://cve.report/CVE-2024-50302","api":"https://cve.report/api/cve/CVE-2024-50302.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-50302","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-50302"},"summary":{"title":"HID: core: zero-initialize the report buffer","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.","state":"PUBLISHED","assigner":"Linux","published_at":"2024-11-19 02:16:32","updated_at":"2026-05-12 18:47:16"},"problem_types":["CWE-908","CWE-908 CWE-908 Use of Uninitialized Resource"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"5.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"5.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"5.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552","name":"https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26","name":"https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191","name":"https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html","name":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46","name":"https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","name":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","refsource":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b","name":"https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf","name":"https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-355557.html","name":"https://cert-portal.siemens.com/productcert/html/ssa-355557.html","refsource":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","name":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5","name":"https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648","name":"https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302","name":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302","refsource":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-50302","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50302","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca e7ea60184e1e88a3c9e437b3265cbb6439aa7e26 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 3f9e88f2672c4635960570ee9741778d4135ecf5 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca d7dc68d82ab3fcfc3f65322465da3d7031d4ab46 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 05ade5d4337867929e7ef664e7ac8e0c734f1aaf git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 1884ab3d22536a5c14b17c78c2ce76d1734e8b0b git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 9d9f5c75c0c7f31766ec27d90f7a6ac673193191 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 492015e6249fbcd42138b49de3c588d826dd9648 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 27ce405039bfe6d3f4143415c638f56a3df77dca 177f25d1292c7e16e1199b39c85480f7f8815552 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected fe6c9b48ebc920ff21c10c50ab2729440c734254 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 3.12","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 3.12 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 4.19.324 4.19.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.4.286 5.4.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.10.230 5.10.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.172 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.117 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.61 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.11.8 6.11.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12 * original_commit_for_fix","platforms":[]},{"source":"ADP","vendor":"Siemens","product":"RUGGEDCOM RST2428P","version":"unaffected * custom","platforms":[]},{"source":"ADP","vendor":"Siemens","product":"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family","version":"unaffected * custom","platforms":[]},{"source":"ADP","vendor":"Siemens","product":"SCALANCE XCM-/XRM-/XCH-/XRH-300 family","version":"unaffected * custom","platforms":[]},{"source":"ADP","vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","version":"affected * custom","platforms":[]}],"timeline":[{"source":"ADP","time":"2025-03-04T00:00:00.000Z","lang":"en","value":"CVE-2024-50302 added to CISA KEV"}],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"50302","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"ruggedcom_rst2428p","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc316-8","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc319-4","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc324-4","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc324-4eec","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc332","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc416-8","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc419-4","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc424-4","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xc432","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xch328","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xcm324","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xcm328","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xcm332","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr302-32","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr322-12","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr326-8","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr326-8eec","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr502-32","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr522-12","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr524-8c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr524-8wg","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr526-8","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr526-8c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr528-6m","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xr552-12m","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xrh334","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_xrm334","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"simatic_s7-1500_tm_mfp","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"siemens","cpe5":"simatic_s7-1500_tm_mfp_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"50302","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"siemens","cpe5":"sinec_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2024","cve_id":"50302","cve":"CVE-2024-50302","vendorProject":"Linux","product":"Kernel","vulnerabilityName":"Linux Kernel Use of Uninitialized Resource Vulnerability","dateAdded":"2025-03-04","shortDescription":"The Linux kernel contains a use of uninitialized resource vulnerability that allows an attacker to leak kernel memory via a specially crafted HID report.","requiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","dueDate":"2025-03-25","knownRansomwareCampaignUse":"Unknown","notes":"This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://lore.kernel.org/linux-cve-announce/2024111908-CVE-2024-50302-f677@gregkh/ ; https://source.android.com/docs/security/bulletin/2025-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-50302","cwes":"CWE-908","catalogVersion":"2026.05.08","updated_at":"2026-05-08 17:29:15"},"epss":{"cve_year":"2024","cve_id":"50302","cve":"CVE-2024-50302","epss":"0.016980000","percentile":"0.824110000","score_date":"2026-05-11","updated_at":"2026-05-12 00:01:19"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-50302","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-03-05T04:55:26.718337Z","version":"2.0.3"},"type":"ssvc"}},{"other":{"content":{"dateAdded":"2025-03-04","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"},"type":"kev"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-908","description":"CWE-908 Use of Uninitialized Resource","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-10-21T22:55:35.755Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"references":[{"tags":["government-resource"],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50302"}],"timeline":[{"lang":"en","time":"2025-03-04T00:00:00.000Z","value":"CVE-2024-50302 added to CISA KEV"}],"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2025-11-03T22:28:19.656Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"title":"CVE Program Container"},{"affected":[{"defaultStatus":"unknown","product":"RUGGEDCOM RST2428P","vendor":"Siemens","versions":[{"lessThan":"*","status":"unaffected","version":"0","versionType":"custom"}]},{"defaultStatus":"unknown","product":"SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family","vendor":"Siemens","versions":[{"lessThan":"*","status":"unaffected","version":"0","versionType":"custom"}]},{"defaultStatus":"unknown","product":"SCALANCE XCM-/XRM-/XCH-/XRH-300 family","vendor":"Siemens","versions":[{"lessThan":"*","status":"unaffected","version":"0","versionType":"custom"}]},{"defaultStatus":"unknown","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","vendor":"Siemens","versions":[{"lessThan":"*","status":"affected","version":"0","versionType":"custom"}]}],"providerMetadata":{"dateUpdated":"2026-05-12T12:01:00.886Z","orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP"},"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-355557.html"}],"x_adpType":"supplier"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/hid/hid-core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"e7ea60184e1e88a3c9e437b3265cbb6439aa7e26","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"3f9e88f2672c4635960570ee9741778d4135ecf5","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"d7dc68d82ab3fcfc3f65322465da3d7031d4ab46","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"05ade5d4337867929e7ef664e7ac8e0c734f1aaf","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"1884ab3d22536a5c14b17c78c2ce76d1734e8b0b","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"9d9f5c75c0c7f31766ec27d90f7a6ac673193191","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"492015e6249fbcd42138b49de3c588d826dd9648","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"lessThan":"177f25d1292c7e16e1199b39c85480f7f8815552","status":"affected","version":"27ce405039bfe6d3f4143415c638f56a3df77dca","versionType":"git"},{"status":"affected","version":"b2b6cadad699d44a8a5b2a60f3d960e00d6fb3b7","versionType":"git"},{"status":"affected","version":"fe6c9b48ebc920ff21c10c50ab2729440c734254","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/hid/hid-core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"3.12"},{"lessThan":"3.12","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"4.19.*","status":"unaffected","version":"4.19.324","versionType":"semver"},{"lessThanOrEqual":"5.4.*","status":"unaffected","version":"5.4.286","versionType":"semver"},{"lessThanOrEqual":"5.10.*","status":"unaffected","version":"5.10.230","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.172","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.117","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.61","versionType":"semver"},{"lessThanOrEqual":"6.11.*","status":"unaffected","version":"6.11.8","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"6.12","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"4.19.324","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.4.286","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.10.230","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.172","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.117","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.61","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.11.8","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12","versionStartIncluding":"3.12","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.16","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11.5","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report."}],"providerMetadata":{"dateUpdated":"2026-05-11T20:49:31.433Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/e7ea60184e1e88a3c9e437b3265cbb6439aa7e26"},{"url":"https://git.kernel.org/stable/c/3f9e88f2672c4635960570ee9741778d4135ecf5"},{"url":"https://git.kernel.org/stable/c/d7dc68d82ab3fcfc3f65322465da3d7031d4ab46"},{"url":"https://git.kernel.org/stable/c/05ade5d4337867929e7ef664e7ac8e0c734f1aaf"},{"url":"https://git.kernel.org/stable/c/1884ab3d22536a5c14b17c78c2ce76d1734e8b0b"},{"url":"https://git.kernel.org/stable/c/9d9f5c75c0c7f31766ec27d90f7a6ac673193191"},{"url":"https://git.kernel.org/stable/c/492015e6249fbcd42138b49de3c588d826dd9648"},{"url":"https://git.kernel.org/stable/c/177f25d1292c7e16e1199b39c85480f7f8815552"}],"title":"HID: core: zero-initialize the report buffer","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2024-50302","datePublished":"2024-11-19T01:30:51.300Z","dateReserved":"2024-10-21T19:36:19.987Z","dateUpdated":"2026-05-12T12:01:00.886Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-11-19 02:16:32","lastModifiedDate":"2026-05-12 18:47:16","problem_types":["CWE-908","CWE-908 CWE-908 Use of Uninitialized Resource"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_s7-1500_tm_mfp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6C0262-1527-4F55-8BDE-973F59FE7E1B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_s7-1500_tm_mfp:-:*:*:*:*:*:*:*","matchCriteriaId":"754051AB-27D3-41CA-B2C8-79BAD48C8750"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:sinec_os:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2","matchCriteriaId":"FA64F29A-AD82-4C61-BA69-AC9ABF9CFEF5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rst2428p:-:*:*:*:*:*:*:*","matchCriteriaId":"5162CF70-42A4-4CBD-BE7E-17526719138A"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc316-8:-:*:*:*:*:*:*:*","matchCriteriaId":"D5A0BBD2-432C-4C37-A371-EC11A00D52D8"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc319-4:-:*:*:*:*:*:*:*","matchCriteriaId":"7BBF5B37-DC44-42A1-A2D1-3D3BBE31BEEC"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc324-4:-:*:*:*:*:*:*:*","matchCriteriaId":"76572367-5EDD-438E-9682-25C243014840"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc324-4eec:-:*:*:*:*:*:*:*","matchCriteriaId":"D4C044CD-DA0B-4010-BABC-83C5FB9856D8"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc332:-:*:*:*:*:*:*:*","matchCriteriaId":"B320F7CF-B10C-45EB-9C90-929D1559F2BF"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc416-8:-:*:*:*:*:*:*:*","matchCriteriaId":"C6AE4732-7607-400A-A91E-6DF461D87960"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc419-4:-:*:*:*:*:*:*:*","matchCriteriaId":"0FCDCCBC-DAEF-4068-AEE7-05C94E681A32"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc424-4:-:*:*:*:*:*:*:*","matchCriteriaId":"5CEC02B5-FCB5-4A84-8525-6554924C2F92"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xc432:-:*:*:*:*:*:*:*","matchCriteriaId":"26F3FFB6-C652-4A86-B335-99E135A1E46F"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xch328:-:*:*:*:*:*:*:*","matchCriteriaId":"782C249B-9E3A-4434-85D6-1F69A038D829"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xcm324:-:*:*:*:*:*:*:*","matchCriteriaId":"136D0CA3-725F-4D2F-9CC8-50900A6B34C8"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xcm328:-:*:*:*:*:*:*:*","matchCriteriaId":"C2EC8600-BA60-4924-B884-AFAA2479148F"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xcm332:-:*:*:*:*:*:*:*","matchCriteriaId":"05A09417-83A6-42AC-A89E-DEFDC942DA39"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr302-32:-:*:*:*:*:*:*:*","matchCriteriaId":"A9466814-A230-4AC9-AB45-0E239AC6D835"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr322-12:-:*:*:*:*:*:*:*","matchCriteriaId":"6D120370-64EE-4BA5-AE3D-0DC4BB981935"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr326-8:-:*:*:*:*:*:*:*","matchCriteriaId":"D6361663-6D4A-408D-B3CD-694988C95AB5"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr326-8eec:-:*:*:*:*:*:*:*","matchCriteriaId":"16FFF08F-677B-448A-82E1-E76707D9E6F1"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr502-32:-:*:*:*:*:*:*:*","matchCriteriaId":"3A037C08-0764-452D-A821-8948164C480A"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr522-12:-:*:*:*:*:*:*:*","matchCriteriaId":"467779F9-C715-402E-9A5B-80015424B129"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr524-8wg:-:*:*:*:*:*:*:*","matchCriteriaId":"AE3879F0-02AB-4ABE-9753-BED7BA46965A"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr526-8:-:*:*:*:*:*:*:*","matchCriteriaId":"9ECC2EEE-B583-45E0-AEAC-B1225CEBAA30"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"67661569-6233-4C74-9C72-88BD14B257FE"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*","matchCriteriaId":"3E048C4A-A414-4C87-A865-4D4218AE32EE"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xr552-12m:-:*:*:*:*:*:*:*","matchCriteriaId":"4A806691-3F4B-46AA-9718-2F6BF0FD3D7A"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xrh334:-:*:*:*:*:*:*:*","matchCriteriaId":"06FA1667-965A-4119-A519-F9119B5358DF"},{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:scalance_xrm334:-:*:*:*:*:*:*:*","matchCriteriaId":"C5FC3042-0224-45AE-B516-7934EF15DCC8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"4.19.324","matchCriteriaId":"7D982986-F7AE-4B56-8E3E-D34CE2B7AF38"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.286","matchCriteriaId":"9952C897-8A61-4D4B-9D6D-7D063E9EA15E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.230","matchCriteriaId":"BF5B32D0-72C9-41C3-A0BB-D4946153C134"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.172","matchCriteriaId":"88812664-4296-42AC-AE0F-ED71086C1BB1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.117","matchCriteriaId":"0DD7F755-2F6B-4707-8973-78496AD5AA8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.61","matchCriteriaId":"630ED7EB-C97E-4435-B884-1E309E40D6F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.11.8","matchCriteriaId":"0BD000F7-3DAD-4DD3-8906-98EA1EC67E95"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"3C95E234-D335-4B6C-96BF-E2CEBD8654ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"E0F717D8-3014-4F84-8086-0124B2111379"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"24DBE6C7-2AAE-4818-AED2-E131F153D2FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*","matchCriteriaId":"24B88717-53F5-42AA-9B72-14C707639E3F"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"50302","Ordinal":"1","Title":"HID: core: zero-initialize the report buffer","CVE":"CVE-2024-50302","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"50302","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.","Type":"Description","Title":"HID: core: zero-initialize the report buffer"}]}}}