CVE-2019-20636 kernel: an out-of-bounds write via crafted keycode table could result in remote code execution

Solution In Progress - Updated -

Issue

  • In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7

Environment

  • Red Hat Enterprise Linux (RHEL) 6, 7, 8

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In