Fedora 44 : libinput (2026-5e2446b30f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e2446b30f advisory. libinput 1.31.3, fixes a udev property inject via uinput devices that can lead to local privilege escalation Tenable has extracted the preceding description...

CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...

CVE-2026-50265

CVE-2026-50265 describes a local privilege escalation in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties via the libinput-device-group helper, which can lead to root code execution (e.g., through REMOVE_CMD properties executed when a device is removed). ...

CVE-2026-50265

...

CVE-2026-50265

...

CVE-2026-50265

A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...

Linux Distros Unpatched Vulnerability : CVE-2026-50265

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This...

PT-2026-46929

Name of the Vulnerable Software and Affected Versions libinput affected versions not specified Description A flaw in libinput allows a local attacker with access to '/dev/uinput' to inject arbitrary udev properties via the libinput-device-group helper. This injection can lead to root code...

Astra Linux – Vulnerability in open-vm-tools

open-vm-tools contains a file descriptor hijacking vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

Linux Distros Unpatched Vulnerability : CVE-2026-31667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a...

Input: uinput - fix circular locking dependency with ff-core

...

SUSE CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

DEBIAN-CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

EUVD-2026-25560

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

CVE-2026-31667

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

CVE-2026-31667

CVE-2026-31667 concerns the Linux kernel’s uinput and ff-core, where a circular locking dependency could cause a local deadlock when a force-feedback gamepad is used. The concrete sequence involves four lock paths that form a cycle: ff->mutex, udev->mutex, input_mutex, dev->mutex, and ba...

CVE-2026-31667 Input: uinput - fix circular locking dependency with ff-core

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput for example, playing ELDEN RING under Wine...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the loop lock dependency in uinput, potentially leading to a deadlock...