HIGH · CVE-2026-31401 · Published · Modified · CNA: Linux
CVE-2026-31401: HID: bpf: prevent buffer overflow in hid_hw_request
In the Linux kernel, the following vulnerability has been resolved:

HID: bpf: prevent buffer overflow in hid_hw_request

Right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrarily big, because it is the return value of dispatch_hid_bpf_raw_requests(), which calls the struct_ops, and we have no guarantees that the value makes sense.
Metrics
- CVSS v3.1: 7.8
- Severity: HIGH
- Fixed in: 0
- Affected Products: 2
Fix available
- Fixed in: 0, 6.12.78, 6.18.20, 6.19.10, 7.0
- Fixing commits:
  - 2b658c1c442ec1cd9eec5ead98d68662c40fe645
  - 73c5b5aea1c443239c8cb4191b4af7a4bd6fd7b1
  - d6efaa50af62fb0790dd1fd4e7e5506b46312510
  - eb57dae20fdf6f3069cdc07821fa3bb46de381d7
Affected packages
- Linux / Linux (by commit range, all from 8bd0488b5ea58655ad6fdcbe0408ef49b16882b1):
  - < d6efaa50af62fb0790dd1fd4e7e5506b46312510
  - < 73c5b5aea1c443239c8cb4191b4af7a4bd6fd7b1
  - < eb57dae20fdf6f3069cdc07821fa3bb46de381d7
  - < 2b658c1c442ec1cd9eec5ead98d68662c40fe645
- Linux / Linux 6.11: fixed in 0, 6.12.78, 6.18.20, 6.19.10, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H