Linux Kernel HID Wacom Timestamp Handling Vulnerability

A vulnerability exists in the Linux kernel's handling of timestamps within the HID Wacom driver. The issue arises because the driver uses an integer type to manage timestamps, which is insufficient for accurately storing these values. This mismanagement can lead to overflow errors, causing incorrect timestamp data to be sent to userspace. Such erroneous timestamps can disrupt input processing in userspace applications, making them unresponsive.

Impact

The vulnerability can cause input events in userspace to be mismanaged, leading to applications appearing unresponsive or 'hung'.

Reproduction

The vulnerability can be reproduced by using a Wacom device that sends Bluetooth events to a system running an affected version of the Linux kernel. The HID Wacom driver will incorrectly process the timestamps of these events, leading to the described input handling issues.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched kernel can be found on the official Linux kernel website.