CVE-2013-2894

Linux Kernel < 3.11 - Denial of Service via HID Lenovo ThinkPad Keyboard Driver

Title source: llm
STIX 2.1

Description

drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

References (4)

Core 4
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2020-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2023-1
Mailing List mailing-list x_refsource_mlist
http://marc.info/?l=linux-input&m=137772187514628&w=1
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2013/08/28/13

Scores

EPSS 0.0037
EPSS Percentile 28.6%

Details

CWE
CWE-119
Status published
Products (44)
linux/linux_kernel 3.0 rc1 (7 CPE variants)
linux/linux_kernel 3.0.1
linux/linux_kernel 3.0.2
linux/linux_kernel 3.0.3
linux/linux_kernel 3.0.4
linux/linux_kernel 3.0.5
linux/linux_kernel 3.0.6
linux/linux_kernel 3.0.7
linux/linux_kernel 3.0.8
linux/linux_kernel 3.0.9
... and 34 more
Published Sep 16, 2013
Tracked Since Feb 18, 2026