4 matches found
CVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...
CVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...
CVE-2026-23178
CVE-2026-23178 — Linux kernel HID i2c-hid buffer overflow . The vulnerability occurs in i2c_hid_get_report() where i2c_hid_xfer reads recv_len + 2 bytes into ihid->rawbuf. recv_len can be as large as HID_MAX_BUFFER_SIZE (16384) and not necessarily bounded by the actual destination buffer, risk...
AZL-42271 CVE-2024-35997 affecting package kernel for versions less than 5.15.158.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2CHIDREADPENDING flag to prevent lock-up The flag I2CHIDREADPENDING is used to serialize I2C operations. However, this is not necessary, because I2C core already has its own locking for that. More importantl...