CVE-2026-43136
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
06/05/2026
Última modificación:
06/05/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()<br />
<br />
Do not crash when a report has no fields.<br />
<br />
Fake USB gadgets can send their own HID report descriptors and can define report<br />
structures without valid fields. This can be used to crash the kernel over USB.
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9
- https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4
- https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03
- https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3
- https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2
- https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9
- https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52ad
- https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc