Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.2, < 5.10.252 |
References
- https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9Patch
- https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4Patch
- https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03Patch
- https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3Patch
- https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2Patch
- https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9Patch
- https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52adPatch
- https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dcPatch
FAQ
What is CVE-2026-43136?
CVE-2026-43136 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can s...
How severe is CVE-2026-43136?
CVE-2026-43136 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-43136?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.