CVE-2026-23382 HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them

In the Linux kernel, the following vulnerability has been resolved: HID: Add HIDCLAIMEDINPUT guards in rawevent callbacks missing them In commit 2ff5baa9b527 "HID: appleir: Fix potential NULL dereference at raw event handle", we handle the fact that raw event callbacks can happen even for a HID...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004054 advisory. In the Linux kernel before 5.3.9, there are multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers, aka...

MiracleLinux 4 : ccid-1.3.9-6.AXS4 (AXSA:2013-120:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-120:01 advisory. Generic USB CCID Chip/Smart Card Interface Devices driver. Security issues fixed with this release: CVE-2010-4530 Signedness error in ccidserial.c in libccid ...

Security update for bluez

This update for bluez fixes the following issues: CVE-2023-45866: keystroke injection and arbitrary command execution via HID device connections bsc1217877. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

EUVD-2019-1366

Malware in sbrugna...

USN-7790-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DP...

SUSE SLES15 Security Update : kernel (Live Patch 48 for SLE 15 SP3) (SUSE-SU-2025:02894-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02894-1 advisory. This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: cor...

CVE-2025-38556

The Connected documents confirm CVE-2025-38556 affects the Linux kernel HID core, where the s32ton() conversion could crash when invoked with 0 bits. The fix HardenS32ton() so that it returns a reasonable result instead of faulting on 0-bit input, aligning behavior with snto32(). This CVE entry i...

PT-2025-33756

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0 31 Description: A flaw exists in the Linux kernel related to Human Interface Devices HID with the APPLE MAGIC BACKLIGHT quirk. A malicious HID device can trigger a NULL pointer dereference within the appl...

USN-7591-3 linux-intel-iot-realtime, linux-realtime vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

USN-7402-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oem-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - GPU drivers; - HID subsystem; - Media drivers; - JFS file system; - Network namespace; -...

kernel: HID: core: zero-initialize the report buffer

A vulnerability was found in the Linux kernel's driver for Human Interface Devices. This flaw allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities...

kernel: HID: core: zero-initialize the report buffer

A vulnerability was found in the Linux kernel's driver for Human Interface Devices. This flaw allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities...

PT-2025-2419 · Bluetooth · Bluetooth

Name of the Vulnerable Software and Affected Versions: Bluetooth affected versions not specified Description: The issue is caused by a logic error in the code that allows for the bypass of user consent to enable new Bluetooth Human Interface Devices HID. This could lead to a local escalation of...

The vulnerability of the implementations of TLS and SSL protocols in microprogrammable network interface devices from Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) series 2100 allows attackers to induce service interruptions.

The vulnerability of the implementations of TLS and SSL protocols in microprogrammable network interface devices from Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD series 2100 is related to insufficient validation of input data. Exploiting this vulnerability can all...

The vulnerability of HID components in Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of HID components in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

kernel: memory leak in drivers/hid/hid-elo.c

A memory leak flaw was found in eloprobe in drivers/hid/hid-elo.c in the Human Interface Devices HID in the Linux kernel. This issue allows an attacker to cause a denial of service when hidparse in eloprobe fails...

kernel: memory leak in drivers/hid/hid-elo.c

A memory leak flaw was found in eloprobe in drivers/hid/hid-elo.c in the Human Interface Devices HID in the Linux kernel. This issue allows an attacker to cause a denial of service when hidparse in eloprobe fails...

Microsoft Windows Human Interface Devices 安全漏洞

Microsoft Windows Human Interface Devices is a Microsoft device class definition for replacing PS/2 style connectors with generic USB drivers to support HID devices such as keyboards, mice, game controllers, etc. A security vulnerability exists in Microsoft Windows Human Interface Devices. The...

The vulnerability of Human Interface Devices in the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of Human Interface Devices in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...