SUSE CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

Linux Distros Unpatched Vulnerability : CVE-2026-35094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. Th...

DEBIAN-CVE-2026-35094

A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the luaLloadfile plugin in configuration directories. An attacker can execute unauthorized code and access sensitive information by placing a specially crafted Lua bytecode file in a system or user...

PT-2026-29525

Name of the Vulnerable Software and Affected Versions libinput affected versions not specified Description A flaw exists in libinput where an attacker who can deploy a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collectio...

libinput 安全漏洞

libinput is an open-source library from freedesktop. It provides a complete input stack for applications that need to handle input devices provided by the kernel, such as display servers. There is a security vulnerability in libinput, which allows attackers to deploy Lua plugins in specific syste...