VYPR
Medium severity5.5NVD Advisory· Published May 6, 2026· Updated May 12, 2026

CVE-2026-43136

CVE-2026-43136

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()

Do not crash when a report has no fields.

Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=5.2,<5.10.252
    • (no CPE)

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.