CVE-2026-43051

The CVE-2026-43051 issue affects the Linux kernel HID driver for Wacom devices, specifically the wacom_intuos_bt_irq() function. A length-bounds flaw in processing Bluetooth HID reports can permit an out-of-bounds read when handling reports 0x03 and 0x04, enabling leakage of memory content. The v...

SUSE-SU-2026:20041-1 Security update for bluez

This update for bluez fixes the following issues: - CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877...

SUSE SLES12 Security Update : bluez (SUSE-SU-2025:03590-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03590-1 advisory. - CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Tenable has extracted the preceding...

SUSE-SU-2025:03277-1 Security update for bluez

This update for bluez fixes the following issues: - CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877...

Security update for bluez

This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVE-2025-38016 HID: bpf: abort dispatch if device destroyed

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request will go through it after hidbpfdestroydevice has been called. This leads to a bug that unplugging certain types of H...

CVE-2025-38016

CVE-2025-38016 (Linux kernel, HID: bpf: abort dispatch if device destroyed) is confirmed in connected sources as a HID subsystem issue in the Linux kernel. The vulnerability stems from HID-BPF dispatch when a HID device is destroyed: after hid_bpf_destroy_device(), a cleaned-up SRCU can be access...

CVE-2025-37862 HID: pidff: Fix null pointer dereference in pidff_find_fields

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidfffindfields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optional and required...

CVE-2022-49508

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elaninputconfigured 'input' is a managed resource allocated with devminputallocatedevice, so there is no need to call inputfreedevice explicitly or there will be a double free. According to...

CVE-2024-56629

Technical details about CVE-2024-56629 are not provided in the supplied documents. The connected sources do not specify affected products, root cause, or fixes. Monitor for updates and vendor advisories.

AutoGadgetFS - USB Testing Made Easy

What’s AutoGadgetFS ? AutoGadgetFS is an open source framework that allows users to assess USB devices and their associated hosts/drivers/software without an in-depth knowledge of the USB protocol. The tool is written in Python3 and utilizes RabbitMQ and WiFi access to enable researchers to condu...

broadcast-hid-discoveryd NSE Script

Discovers HID devices on a LAN by sending a discoveryd network broadcast probe. For more information about HID discoveryd, see: Script Arguments broadcast-hid-discoveryd.timeout socket timeout default: 5s broadcast-hid-discoveryd.address address to which the probe packet is sent. default:...

Debian DLA-772-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2012-6704, CVE-2016-9793 Eric Dumazet found that a local user with CAPNETADMIN capability could set a socket's buffer size to be negative, leading ...

Apple Mac OSX iOS - Double-Delete IOHIDEventQueue::start Code Execution

Apple Mac OSX iOS - Double-Delete IOHIDEventQueue::start Code Execution Source: https://code.google.com/p/google-security-research/issues/detail?id=542 The IOHIDLibUserClient allows us to create and manage IOHIDEventQueues corresponding to available HID devices. Here is the ::start method, which...

Important: kernel security update

kernel-2.4.21-50.EL - improve IGMP join processing during bonding failover Andy Gospodarek - fix EHCI period handling for high-speed USB HID devices Pete Zaitcev kernel-2.4.21-49.EL - fix dput crash regression caused in -47.5.EL Eric Sandeen - add ifcfg-bond0 documentation in bonding.txt Andy...