CVE-2026-43136

MEDIUM EPSS 2.8%
Published May 6, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 6, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.2  –  <5.10.252
linuxlinux_kernel*≥5.11  –  <5.15.202
linuxlinux_kernel*≥5.16  –  <6.1.165
linuxlinux_kernel*≥6.2  –  <6.6.128
linuxlinux_kernel*≥6.7  –  <6.12.75
linuxlinux_kernel*≥6.13  –  <6.18.16
linuxlinux_kernel*≥6.19  –  <6.19.6

References 8

  • git.kernel.org https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52ad
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52ad
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc
    Patch