SB20260507217 - Improper input validation in Linux kernel hid driver
Published: May 7, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Improper input validation (CVE-ID: CVE-2026-43136)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows an attacker with physical access to cause a denial of service.
The vulnerability exists due to improper input validation in hidpp_get_report_length() when parsing HID report descriptors from a USB device. An attacker with physical access can connect a fake USB gadget with a crafted report descriptor to cause a denial of service.
The issue is triggered when a report defines no valid fields.
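The missing check described above, as an added example that is not taken from the kernel source or from this bulletin: a user-space C model with simplified stand-in structures (`model_report`, `model_field`) and hypothetical function names. It assumes the length is read from the report's first field, which is the access that fails when a report declares no fields.

```c
/* Added illustration: user-space model, not kernel source. */
#include <stddef.h>
#include <stdio.h>

#define MODEL_MAX_FIELDS 4

/* Simplified stand-ins for HID report structures (assumed shape). */
struct model_field {
    unsigned report_count;              /* data items in this field */
};

struct model_report {
    unsigned maxfield;                  /* number of valid field[] entries */
    struct model_field *field[MODEL_MAX_FIELDS];
};

/* Unchecked form: trusts that the device declared at least one field.
 * With maxfield == 0, field[0] is NULL and this dereferences it. */
int report_length_unchecked(const struct model_report *r)
{
    if (!r)
        return 0;
    return (int)r->field[0]->report_count + 1;  /* +1: report ID byte (assumed) */
}

/* Hardened form: a report with no fields is treated as absent (length 0),
 * so the caller can reject the device instead of crashing. */
int report_length_checked(const struct model_report *r)
{
    if (!r || r->maxfield == 0 || !r->field[0])
        return 0;
    return (int)r->field[0]->report_count + 1;
}

int main(void)
{
    struct model_field f = { .report_count = 6 };           /* constructed sample */
    struct model_report good = { .maxfield = 1, .field = { &f } };
    struct model_report empty = { .maxfield = 0 };           /* no valid fields */

    printf("good  -> %d\n", report_length_checked(&good));
    printf("empty -> %d\n", report_length_checked(&empty));
    printf("NULL  -> %d\n", report_length_checked(NULL));
    return 0;
}
```

Only the checked form is called on the empty report; the unchecked form is shown for comparison and would fault on that input.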
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9
- https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4
- https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03
- https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3
- https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2
- https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9
- https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52ad
- https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc