CVE-2026-43152

The CVE-2026-43152 issue is in the Linux kernel HID subsystem (hid-pl): if probe errors during device init are not handled, a NULL pointer dereference can occur when a device using Force Feedback is interacted with. Exploitation details are not provided in the documents, but the vulnerability is ...

CVE-2025-38378

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe In probe appletbkbdprobe a "struct appletbkbd kbd" is allocated via devmkzalloc to store touch bar keyboard related data. Later on if backlightdevicegetbyname finds...

CVE-2022-49984

A flaw was found in the hid-steam module in the Linux kernel. A NULL pointer dereference can be triggered when a malicious device fails to submit a feature report, resulting in a denial of service...

CVE-2022-49508 HID: elan: Fix potential double free in elan_input_configured

In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elaninputconfigured 'input' is a managed resource allocated with devminputallocatedevice, so there is no need to call inputfreedevice explicitly or there will be a double free. According to...

CVE-2017-7273

The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service integer underflow or possibly have unspecified other impact via a crafted HID report...

CVE-2013-2892

drivers/hid/hid-pl.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDPANTHERLORD is enabled, allows physically proximate attackers to cause a denial of service heap-based out-of-bounds write via a crafted device...