{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-39509","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-06-25T14:23:23.753Z","datePublished":"2024-07-12T12:20:40.257Z","dateUpdated":"2025-11-03T21:56:29.387Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:17:20.202Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: remove unnecessary WARN_ON() in implement()\n\nSyzkaller hit a warning [1] in a call to implement() when trying\nto write a value into a field of smaller size in an output report.\n\nSince implement() already has a warn message printed out with the\nhelp of hid_warn() and value in question gets trimmed with:\n\t...\n\tvalue &= m;\n\t...\nWARN_ON may be considered superfluous. Remove it to suppress future\nsyzkaller triggers.\n\n[1]\nWARNING: CPU: 0 PID: 5084 at drivers/hid/hid-core.c:1451 implement drivers/hid/hid-core.c:1451 [inline]\nWARNING: CPU: 0 PID: 5084 at drivers/hid/hid-core.c:1451 hid_output_report+0x548/0x760 drivers/hid/hid-core.c:1863\nModules linked in:\nCPU: 0 PID: 5084 Comm: syz-executor424 Not tainted 6.9.0-rc7-syzkaller-00183-gcf87f46fd34d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\nRIP: 0010:implement drivers/hid/hid-core.c:1451 [inline]\nRIP: 0010:hid_output_report+0x548/0x760 drivers/hid/hid-core.c:1863\n...\nCall Trace:\n <TASK>\n __usbhid_submit_report drivers/hid/usbhid/hid-core.c:591 [inline]\n usbhid_submit_report+0x43d/0x9e0 drivers/hid/usbhid/hid-core.c:636\n hiddev_ioctl+0x138b/0x1f00 drivers/hid/usbhid/hiddev.c:726\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n..."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/hid-core.c"],"versions":[{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"955b3764671f3f157215194972d9c01a3a4bd316","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"f9db5fbeffb951cac3f0fb1c2eeffb79785399ca","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"33f6832798dd3297317901cc1db556ac3ae80c24","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"8bac61934cd563b073cd30b8cf6d5c758ab5ab26","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"bfd546fc7fd76076f81bf41b85b51ceda30949fd","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"30f76bc468b9b2cbbd5d3eb482661e3e4798893f","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"655c6de2f215b61d0708db6b06305eee9bbfeba2","status":"affected","versionType":"git"},{"version":"95d1c8951e5bd50bb89654a99a7012b1e75646bd","lessThan":"4aa2dcfbad538adf7becd0034a3754e1bd01b2b5","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/hid-core.c"],"versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","status":"unaffected","versionType":"semver"},{"version":"4.19.317","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.279","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.221","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.162","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.95","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.35","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.6","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"4.19.317"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.4.279"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.221"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.15.162"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.1.95"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.6.35"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.9.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"6.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/955b3764671f3f157215194972d9c01a3a4bd316"},{"url":"https://git.kernel.org/stable/c/f9db5fbeffb951cac3f0fb1c2eeffb79785399ca"},{"url":"https://git.kernel.org/stable/c/33f6832798dd3297317901cc1db556ac3ae80c24"},{"url":"https://git.kernel.org/stable/c/8bac61934cd563b073cd30b8cf6d5c758ab5ab26"},{"url":"https://git.kernel.org/stable/c/bfd546fc7fd76076f81bf41b85b51ceda30949fd"},{"url":"https://git.kernel.org/stable/c/30f76bc468b9b2cbbd5d3eb482661e3e4798893f"},{"url":"https://git.kernel.org/stable/c/655c6de2f215b61d0708db6b06305eee9bbfeba2"},{"url":"https://git.kernel.org/stable/c/4aa2dcfbad538adf7becd0034a3754e1bd01b2b5"}],"title":"HID: core: remove unnecessary WARN_ON() in implement()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/955b3764671f3f157215194972d9c01a3a4bd316","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f9db5fbeffb951cac3f0fb1c2eeffb79785399ca","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/33f6832798dd3297317901cc1db556ac3ae80c24","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/8bac61934cd563b073cd30b8cf6d5c758ab5ab26","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/bfd546fc7fd76076f81bf41b85b51ceda30949fd","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/30f76bc468b9b2cbbd5d3eb482661e3e4798893f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/655c6de2f215b61d0708db6b06305eee9bbfeba2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4aa2dcfbad538adf7becd0034a3754e1bd01b2b5","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:56:29.387Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-39509","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T17:06:44.616328Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:39.031Z"}}]}}