CVE-2026-43136
HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
In the Linux kernel, the following vulnerability has been resolved:
HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
Do not crash when a report has no fields.
Fake USB gadgets can send their own HID report descriptors and can define report
structures without valid fields. This can be used to crash the kernel over USB.
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52adhttps://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc