VYPR
Unrated severity · NVD Advisory · Published Dec 9, 2025 · Updated Apr 15, 2026

CVE-2023-53797

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: wacom: Use ktime_t rather than int when dealing with timestamps

Code which interacts with timestamps needs to use the ktime_t type returned by functions like ktime_get. The int type does not offer enough space to store these values, and attempting to use it is a recipe for problems. In this particular case, overflows would occur when calculating/storing timestamps leading to incorrect values being reported to userspace. In some cases these bad timestamps cause input handling in userspace to appear hung.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A bug in the Linux kernel's HID wacom driver stores timestamps in an int instead of ktime_t; the resulting overflow produces incorrect timestamps and can make userspace input handling appear hung.

Vulnerability

In the Linux kernel's HID subsystem, the Wacom driver incorrectly used the int type to store timestamps returned by functions like ktime_get. The int type lacks sufficient range to hold these values, leading to integer overflows when calculating or storing timestamps [1]. This is a type-mismatch bug that results in corrupted timestamp data being reported to userspace.
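The truncation described above, as an added illustration (not the Wacom driver's code or the fix commit): a userspace C model that keeps a 64-bit nanosecond timestamp in a 32-bit int and in a 64-bit type, then counts how often consecutive stored values go backwards. The names `model_ktime_t`, `store_as_int`, `backward_steps` and the sample values are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: the kernel's ktime_t is a signed 64-bit nanosecond count. */
typedef int64_t model_ktime_t;

/* "Before": keeping a ktime value in a 32-bit int retains only the low 32 bits.
 * (Out-of-range conversion is implementation-defined; GCC and Clang wrap.) */
static int32_t store_as_int(model_ktime_t t)
{
    return (int32_t)(uint32_t)t;
}

/* Count samples whose stored timestamp is earlier than the previous one.
 * use_int != 0 models the int storage, 0 models 64-bit (ktime_t) storage. */
static size_t backward_steps(const model_ktime_t *t, size_t n, int use_int)
{
    size_t bad = 0;
    for (size_t i = 1; i < n; i++) {
        model_ktime_t prev = use_int ? store_as_int(t[i - 1]) : t[i - 1];
        model_ktime_t cur  = use_int ? store_as_int(t[i])     : t[i];
        if (cur < prev)
            bad++;
    }
    return bad;
}

/* Constructed sample: packets received at 1 s intervals, uptime 1 s to 7 s. */
static const model_ktime_t SAMPLE_NS[] = {
    1000000000LL, 2000000000LL, 3000000000LL, 4000000000LL,
    5000000000LL, 6000000000LL, 7000000000LL,
};
#define SAMPLE_COUNT (sizeof(SAMPLE_NS) / sizeof(SAMPLE_NS[0]))

int main(void)
{
    for (size_t i = 0; i < SAMPLE_COUNT; i++)
        printf("ktime=%lld ns  as int=%d\n",
               (long long)SAMPLE_NS[i], (int)store_as_int(SAMPLE_NS[i]));
    printf("backward steps: int=%zu ktime_t=%zu\n",
           backward_steps(SAMPLE_NS, SAMPLE_COUNT, 1),
           backward_steps(SAMPLE_NS, SAMPLE_COUNT, 0));
    return 0;
}
```

With nanosecond resolution a 32-bit int covers only about 2.1 seconds before it wraps, so the int-stored sequence turns negative and jumps backwards while the 64-bit sequence stays monotonic.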

Exploitation

The vulnerability is triggered through normal interaction with a Wacom tablet device. No special privileges or authentication are required; the bug manifests whenever the driver processes input events and attempts to compute timestamps. The overflow occurs automatically during standard operation, affecting any system using the affected kernel versions with the vulnerable driver code.

Impact

Due to the overflow, userspace receives incorrect timestamp values. In some cases, these bad timestamps cause input handling in userspace to appear hung, effectively disrupting the user's ability to interact with the system through the tablet [1]. The impact is limited to denial of service (input unresponsiveness) and does not allow arbitrary code execution or privilege escalation.

Mitigation

The fix was applied in the Linux kernel stable tree via commits that replace the int timestamp storage with the proper ktime_t type [1][2][3]. Users should update to a kernel version containing these patches. No workaround is available other than applying the kernel update.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Linux/Kernel (inferred): 2 versions

Patches

7

References

7
