CVE-2026-43048
HID Core Memory Corruption in Linux Kernel
Publication date: 2026-05-01
Last updated on: 2026-05-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's HID core, specifically in the function hid_report_raw_event(). The issue arises from a memset() call intended to clear out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the buffer.
However, this memset() can cause out-of-bounds (OOB) reads and writes during subsequent execution because it may access memory beyond the actual buffer size.
The mitigation involves removing this memset() and instead returning early if the incoming event buffer size is not large enough to fill the associated report, preventing OOB memory access.
How can this vulnerability impact me? :
This vulnerability can lead to out-of-bounds memory reads and writes, which may cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges within the Linux kernel environment.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is mitigated by removing the problematic memset() call in the hid_report_raw_event() function of the Linux kernel. The suggested fix is to simply return if the incoming event buffer size is not large enough to fill the associated report, avoiding out-of-bounds reads and writes.
Therefore, the immediate step to mitigate this vulnerability is to update your Linux kernel to a version where this fix has been applied.