VYPR
High severity7.8NVD Advisory· Published Apr 3, 2026· Updated May 20, 2026

CVE-2026-31401

CVE-2026-31401

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: bpf: prevent buffer overflow in hid_hw_request

right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of dispatch_hid_bpf_raw_requests(), which calls the struct_ops and we have no guarantees that the value makes sense.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

45

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.