CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

EUVD-2026-26341

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6534 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

PT-2026-36071

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the USB HID protocol dissector can lead to a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6.4 to a...

HID: alps: fix NULL pointer dereference in alps_raw_event()

...

HID: core: clamp report_size in s32ton() to avoid undefined shift

...

HID: magicmouse: avoid memory leak in magicmouse_report_fixup()

...

HID: apple: avoid memory leak in apple_report_fixup()

...

HID: asus: avoid memory leak in asus_report_fixup()

...

CVE-2026-31524

CVE-2026-31524 affects the Linux kernel HID ASUS driver. The asus_report_fixup() function allocated memory with kmemdup() but did not free it, causing a memory leak; the fix switches to devm_kzalloc() so memory is automatically freed with the device. A harmless out-of-bounds read was also correct...

CVE-2026-31522 HID: magicmouse: avoid memory leak in magicmouse_report_fixup()

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmousereportfixup The magicmousereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returne...

QUACK! Making the (Rubber) Ducky Talk: A Systematic Study of Keystroke Dynamics for HID Injection Detection

Modern computing systems inherently trust human input devices, creating an exploitable attack surface for adversarial automation. USB Human Interface Device HID emulation attacks, such as those enabled by the USB Rubber Ducky, exploit this assumption to inject arbitrary keystroke sequences while...

CVE-2026-23462

A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...

CVE-2026-31401

A flaw was found in the Linux kernel's Human Interface Device HID BPF Berkeley Packet Filter component. This vulnerability occurs in the hidhwrequest function, where an uncontrolled return value from dispatchhidbpfrawrequests can lead to a buffer overflow. This could allow a local attacker to cau...

EUVD-2026-18784

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...

CLSA-2026-1775224807 Fix of 95 CVEs

CVE-2025-39683 - tracing: Remove unneeded goto out logic CVE-2025-39683 - tracing: Limit access to parser-buffer when tracegetuser failed CVE-2025-39683 CVE-2025-38079 - crypto: algifhash - fix double free in hashaccept CVE-2025-38079 CVE-2025-38159 - wifi: rtw88: fix the 'para' buffer size to...

CVE-2026-31401

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...

CVE-2026-31401

The CVE-2026-31401 issue affects the Linux kernel HID BPF path, specifically hid_hw_request. The vulnerability arises from an uncontrolled/arbitrary return value from dispatch_hid_bpf_raw_requests() (via struct_ops), which can cause a buffer overflow and memory corruption. Exploitation is describ...

CVE-2026-31401 HID: bpf: prevent buffer overflow in hid_hw_request

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...