CVE-2026-23382
MEDIUM EPSS 1.8%
Published Mar 25, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), we handle the fact that raw event callbacks can happen even for a HID device that has not been "claimed" causing a crash if a broken device were attempted to be connected to the system. Fix up the remaining in-tree HID drivers that forgot to add this same check to resolve the same issue.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
1.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 15
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥2.6.35.1 – <5.10.253 |
| linux | linux_kernel | * | ≥5.11 – <5.15.203 |
| linux | linux_kernel | * | ≥5.16 – <6.1.167 |
| linux | linux_kernel | * | ≥6.2 – <6.6.130 |
| linux | linux_kernel | * | ≥6.7 – <6.12.77 |
| linux | linux_kernel | * | ≥6.13 – <6.18.17 |
| linux | linux_kernel | * | ≥6.19 – <6.19.7 |
| linux | linux_kernel | 2.6.35 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
References 8
- git.kernel.org https://git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6fe093c1461a6a9
- git.kernel.org https://git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958fea506724c788
- git.kernel.org https://git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861d23de4e8fbb13
- git.kernel.org https://git.kernel.org/stable/c/892dbaf46bb738dacf1fa663eadb3712c85868f0
- git.kernel.org https://git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb99436cddb1208
- git.kernel.org https://git.kernel.org/stable/c/b48284d7f0f76023b215a3409cdc989b5081eadf
- git.kernel.org https://git.kernel.org/stable/c/de316c1edf15bc30ff5e0d4c7b37c70fd41cf319
- git.kernel.org https://git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3edeb01c79946b
Remediation
- git.kernel.org https://git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6fe093c1461a6a9
- git.kernel.org https://git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958fea506724c788
- git.kernel.org https://git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861d23de4e8fbb13
- git.kernel.org https://git.kernel.org/stable/c/892dbaf46bb738dacf1fa663eadb3712c85868f0
- git.kernel.org https://git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb99436cddb1208
- git.kernel.org https://git.kernel.org/stable/c/b48284d7f0f76023b215a3409cdc989b5081eadf
- git.kernel.org https://git.kernel.org/stable/c/de316c1edf15bc30ff5e0d4c7b37c70fd41cf319
- git.kernel.org https://git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3edeb01c79946b