CVE-2026-43049

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure<br /> <br /> Presently, if the force feedback initialisation fails when probing the<br /> Logitech G920 Driving Force Racing Wheel for Xbox One, an error number<br /> will be returned and propagated before the userspace infrastructure<br /> (sysfs and /dev/input) has been torn down. If userspace ignores the<br /> errors and continues to use its references to these dangling entities, a<br /> UAF will promptly follow.<br /> <br /> We have 2 options; continue to return the error, but ensure that all of<br /> the infrastructure is torn down accordingly or continue to treat this<br /> condition as a warning by emitting the message but returning success.<br /> It is thought that the original author&amp;#39;s intention was to emit the<br /> warning but keep the device functional, less the force feedback feature,<br /> so let&amp;#39;s go with that.