Medium severity5.5NVD Advisory· Published Feb 27, 2025· Updated May 12, 2026

CVE-2024-57986

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections

A report in 2019 by the syzbot fuzzer was found to be connected to two errors in the HID core associated with Resolution Multipliers. One of the errors was fixed by commit ea427a222d8b ("HID: core: Fix deadloop in hid_apply_multiplier."), but the other has not been fixed.

This error arises because hid_apply_multipler() assumes that every Resolution Multiplier control is contained in a Logical Collection, i.e., there's no way the routine can ever set multiplier_collection to NULL. This is in spite of the fact that the function starts with a big comment saying:

* "The Resolution Multiplier control must be contained in the same * Logical Collection as the control(s) to which it is to be applied. ... * If no Logical Collection is * defined, the Resolution Multiplier is associated with all * controls in the report." * HID Usage Table, v1.12, Section 4.3.1, p30 * * Thus, search from the current collection upwards until we find a * logical collection...

The comment and the code overlook the possibility that none of the collections found may be a Logical Collection.

The fix is to set the multiplier_collection pointer to NULL if the collection found isn't a Logical Collection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A flaw in the Linux kernel's HID core, where Resolution Multiplier controls not in a Logical Collection can cause a NULL pointer dereference, leading to a denial of service.

Vulnerability

In the Linux kernel HID core, the hid_apply_multiplier() function assumed that every Resolution Multiplier control must be contained in a Logical Collection, but this assumption could be violated by a malicious HID report. If the collection found was not a Logical Collection, the multiplier_collection pointer would remain non-NULL but point to an invalid collection, leading to a NULL pointer dereference [1].

References

SSA-265688

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

139

Linux/Kernelllm-fuzzy
osv-coords137 versions
pkg:deb/ubuntu/linux-aws@6.11.0-1014.15?arch=source&distro=oracular pkg:rpm/almalinux/kernel pkg:rpm/almalinux/kernel-64k pkg:rpm/almalinux/kernel-64k-core pkg:rpm/almalinux/kernel-64k-debug pkg:rpm/almalinux/kernel-64k-debug-core pkg:rpm/almalinux/kernel-64k-debug-devel pkg:rpm/almalinux/kernel-64k-debug-devel-matched pkg:rpm/almalinux/kernel-64k-debug-modules pkg:rpm/almalinux/kernel-64k-debug-modules-core pkg:rpm/almalinux/kernel-64k-debug-modules-extra pkg:rpm/almalinux/kernel-64k-devel pkg:rpm/almalinux/kernel-64k-devel-matched pkg:rpm/almalinux/kernel-64k-modules pkg:rpm/almalinux/kernel-64k-modules-core pkg:rpm/almalinux/kernel-64k-modules-extra pkg:rpm/almalinux/kernel-abi-stablelists pkg:rpm/almalinux/kernel-core pkg:rpm/almalinux/kernel-cross-headers pkg:rpm/almalinux/kernel-debug pkg:rpm/almalinux/kernel-debug-core pkg:rpm/almalinux/kernel-debug-devel pkg:rpm/almalinux/kernel-debug-devel-matched pkg:rpm/almalinux/kernel-debug-modules pkg:rpm/almalinux/kernel-debug-modules-core pkg:rpm/almalinux/kernel-debug-modules-extra pkg:rpm/almalinux/kernel-debug-uki-virt pkg:rpm/almalinux/kernel-devel pkg:rpm/almalinux/kernel-devel-matched pkg:rpm/almalinux/kernel-doc pkg:rpm/almalinux/kernel-headers pkg:rpm/almalinux/kernel-modules pkg:rpm/almalinux/kernel-modules-core pkg:rpm/almalinux/kernel-modules-extra pkg:rpm/almalinux/kernel-modules-extra-matched pkg:rpm/almalinux/kernel-rt pkg:rpm/almalinux/kernel-rt-64k pkg:rpm/almalinux/kernel-rt-64k-core pkg:rpm/almalinux/kernel-rt-64k-debug pkg:rpm/almalinux/kernel-rt-64k-debug-core pkg:rpm/almalinux/kernel-rt-64k-debug-devel pkg:rpm/almalinux/kernel-rt-64k-debug-modules pkg:rpm/almalinux/kernel-rt-64k-debug-modules-core pkg:rpm/almalinux/kernel-rt-64k-debug-modules-extra pkg:rpm/almalinux/kernel-rt-64k-devel pkg:rpm/almalinux/kernel-rt-64k-modules pkg:rpm/almalinux/kernel-rt-64k-modules-core pkg:rpm/almalinux/kernel-rt-64k-modules-extra pkg:rpm/almalinux/kernel-rt-core pkg:rpm/almalinux/kernel-rt-debug pkg:rpm/almalinux/kernel-rt-debug-core pkg:rpm/almalinux/kernel-rt-debug-devel pkg:rpm/almalinux/kernel-rt-debug-modules pkg:rpm/almalinux/kernel-rt-debug-modules-core pkg:rpm/almalinux/kernel-rt-debug-modules-extra pkg:rpm/almalinux/kernel-rt-devel pkg:rpm/almalinux/kernel-rt-modules pkg:rpm/almalinux/kernel-rt-modules-core pkg:rpm/almalinux/kernel-rt-modules-extra pkg:rpm/almalinux/kernel-tools pkg:rpm/almalinux/kernel-tools-libs pkg:rpm/almalinux/kernel-tools-libs-devel pkg:rpm/almalinux/kernel-uki-virt pkg:rpm/almalinux/kernel-uki-virt-addons pkg:rpm/almalinux/kernel-zfcpdump pkg:rpm/almalinux/kernel-zfcpdump-core pkg:rpm/almalinux/kernel-zfcpdump-devel pkg:rpm/almalinux/kernel-zfcpdump-devel-matched pkg:rpm/almalinux/kernel-zfcpdump-modules pkg:rpm/almalinux/kernel-zfcpdump-modules-core pkg:rpm/almalinux/kernel-zfcpdump-modules-extra pkg:rpm/almalinux/libperf pkg:rpm/almalinux/perf pkg:rpm/almalinux/python3-perf pkg:rpm/almalinux/rtla pkg:rpm/almalinux/rv pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.6 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-coco_debug&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_6&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-livepatch-MICRO-6-0_Update_6&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-livepatch-SLE15-SP6_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-source-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6 pkg:rpm/suse/kernel-syms-coco&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Confidential%20Computing%20Technical%20Preview%2015%20SP6 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP6 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
< 6.11.0-1014.15+ 136 more
- (no CPE)range: < 6.11.0-1014.15
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.12.0-124.8.1.el10_1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2.150600.12.20.2
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-28.1.21.6
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-3.1
- (no CPE)range: < 1-150600.1.5.1
- (no CPE)range: < 1-150600.13.5.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.2
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-150600.23.47.2
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-28.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.8.34.1
- (no CPE)range: < 6.4.0-15061.21.coco15sp6.1
- (no CPE)range: < 6.4.0-150600.23.47.1
- (no CPE)range: < 6.4.0-150600.10.34.1
- (no CPE)range: < 6.4.0-150600.23.47.2
Linux/Linuxcpe-rescue
Range: 5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000