Lucene search
K

475 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 7:18 a.m.6 views

wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...

7.5CVSS5.1AI score0.00184EPSS
Exploits2References6
OSV
OSV
added 2026/05/31 12:0 a.m.39 views

RLSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

7.8CVSS6.6AI score0.00514EPSS
Exploits0References19
OSV
OSV
added 2026/05/30 6:3 p.m.46 views

RLSA-2026:21556 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

7.8CVSS6.4AI score0.00514EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

AlmaLinux 8 : kernel-rt (ALSA-2026:21745)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS6AI score0.00514EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/05/28 9:8 p.m.11 views

CVE-2026-46232

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. A malicious device could provide an excessively large number of touch reports, leading to an out-of-bounds read in the dualshock4parsereport function. This could allow an attacker to read up to 2 KiB of kernel...

8.1CVSS5.7AI score0.00258EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:40 a.m.33 views

CVE-2026-46202

CVE-2026-46202 concerns the Linux kernel HID driver for the Apple Touch Bar (hid-appletb-kbd). The issue arises when inactivity autodim uses backlight_device_set_brightness() from two atomic contexts (a timer_list callback and input/event paths), causing a mutex lock from an atomic context bug an...

5.5CVSS6AI score0.00128EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:40 a.m.11 views

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

5.5CVSS5.9AI score0.00128EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/28 2:41 a.m.34 views

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

8.1CVSS5.8AI score0.00255EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/27 11:2 p.m.11 views

CVE-2026-45969

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. The psgamepadcreate function does not verify the return value of inputffcreatememless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback FF effects are activated...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/27 12:16 p.m.13 views

CVE-2026-45877

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

5.5CVSS5.7AI score0.00155EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through UHID, there is a possibility that we do not have output reports, and as a result, reportfield is set to null...

5.5CVSS5.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: The reference to the devm device for the hidinput inputdevice name must be corrected. Instead of referring to the input device, the correct device should be used. Referring to the inputdevice would lead to a...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: removed the I2CHIDREADPENDING flag to prevent lock-ups. The I2CHIDREADPENDING flag is used to serialize I2C operations. However, this is not necessary, as the I2C core already has its own locking mechanisms for this...

5.5CVSS5.6AI score0.00177EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Added missing delayed work cancellation for headset status. The call to canceldelayedworksync was missed, resulting in a use-after-free in corsairvoidremove...

7.8CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix for the condition effect bit clearing issue As reported by MPDarkGuy on Discord, NULL pointer dereferencing occurred because not all conditional effect bits were cleared. Properly clear all conditional effect bits...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A memory corruption flaw was discovered in the Linux kernel’s Human Interface Device HID subsystem, regarding the way a malicious USB device is inserted by a user. This flaw allows a local user to crash the system or potentially escalate their privileges on the system...

6.6CVSS6.6AI score0.00391EPSS
Exploits0References2
Redos
Redos
added 2026/05/20 12:0 a.m.11 views

ROS-20260520-73-0001

A vulnerability in the HID component of the Linux operating system kernel is related to memory utilization after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS5.8AI score0.00153EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:15 a.m.13 views

SUSE CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/15 7:22 a.m.10 views

CVE-2026-8515

An use after free flaw was found in the HID component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495999127...

9.6CVSS5.7AI score0.00207EPSS
Exploits0References5
NVD
NVD
added 2026/05/14 8:17 p.m.11 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00207EPSS
Exploits0References2
Rows per page
Query Builder