CVE-2026-23382

Published: Mar 25, 2026 Last Modified: Mar 25, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

In the Linux kernel, the following vulnerability has been resolved:

HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them

In commit 2ff5baa9b527 ('HID: appleir: Fix potential NULL dereference at
raw event handle'), we handle the fact that raw event callbacks
can happen even for a HID device that has not been 'claimed' causing a
crash if a broken device were attempted to be connected to the system.

Fix up the remaining in-tree HID drivers that forgot to add this same
check to resolve the same issue.

https://git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6f…

https://git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6fe093c1461a6a9

https://git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958…

https://git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958fea506724c788

https://git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861…

https://git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861d23de4e8fbb13

https://git.kernel.org/stable/c/892dbaf46bb738dacf1fa663ead…

https://git.kernel.org/stable/c/892dbaf46bb738dacf1fa663eadb3712c85868f0

https://git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb…

https://git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb99436cddb1208

https://git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3…

https://git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3edeb01c79946b