{"id":"CVE-2023-1073","details":"A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.","modified":"2026-03-13T06:50:28.154607Z","published":"2023-03-27T21:15:10.287Z","related":["ALSA-2023:7077","ALSA-2024:0897","CGA-3m96-cwq8-6xmx","MGASA-2023-0087","MGASA-2023-0088"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"},{"type":"WEB","url":"https://www.openwall.com/lists/osssecurity/2023/01/17/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/11/05/2"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2023/11/05/3"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173403"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1073.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}