Medium severity5.5NVD Advisory· Published May 6, 2026· Updated May 12, 2026
CVE-2026-43136
CVE-2026-43136
Description
In the Linux kernel, the following vulnerability has been resolved:
HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
Do not crash when a report has no fields.
Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9nvdPatch
- git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4nvdPatch
- git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03nvdPatch
- git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3nvdPatch
- git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2nvdPatch
- git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9nvdPatch
- git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52adnvdPatch
- git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dcnvdPatch
News mentions
0No linked articles in our index yet.