Benjamin Tissoires

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A flaw exists in the HID core where the `memset()` function within `hid report raw event()` attempts to clear data by zeroing the area between the end of the incoming data string and the assumed end of the buffer. This operation can lead to out-of-bounds (OOB) reads and writes—where the system accesses memory outside the intended boundary—in the subsequent thread of execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a null pointer dereference in the HID bigbenff module when emulating a device through uhid. There is a chance that output reports are not available, resulting in a null `report field`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.