CVE-2026-23349 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/97d5c8f5c09a604c4873c8348f58de3cea69a7df
https://git.kernel.org/stable/c/d1edc027a4b0bb4c7a2670b530590b4df6177011
https://git.kernel.org/stable/c/ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b

History

Wed, 25 Mar 2026 10:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit
Title		HID: pidff: Fix condition effect bit clearing
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/97d5c8f5c09a604c4873c8348f58de3cea69a7df https://git.kernel.org/stable/c/d1edc027a4b0bb4c7a2670b530590b4df6177011 https://git.kernel.org/stable/c/ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-03-25T10:27:35.443Z

Updated: 2026-03-25T10:27:35.443Z

Reserved: 2026-01-13T15:37:45.999Z

Link: CVE-2026-23349

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-25T11:16:33.197

Modified: 2026-03-25T11:16:33.197

Link: CVE-2026-23349

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23349", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.999Z", "datePublished": "2026-03-25T10:27:35.443Z", "dateUpdated": "2026-03-25T10:27:35.443Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:27:35.443Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: pidff: Fix condition effect bit clearing\n\nAs reported by MPDarkGuy on discord, NULL pointer dereferences were\nhappening because not all the conditional effects bits were cleared.\n\nProperly clear all conditional effect bits from ffbit"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hid/usbhid/hid-pidff.c"], "versions": [{"version": "7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e", "lessThan": "d1edc027a4b0bb4c7a2670b530590b4df6177011", "status": "affected", "versionType": "git"}, {"version": "7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e", "lessThan": "ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b", "status": "affected", "versionType": "git"}, {"version": "7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e", "lessThan": "97d5c8f5c09a604c4873c8348f58de3cea69a7df", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/hid/usbhid/hid-pidff.c"], "versions": [{"version": "6.18", "status": "affected"}, {"version": "0", "lessThan": "6.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "7.0-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d1edc027a4b0bb4c7a2670b530590b4df6177011"}, {"url": "https://git.kernel.org/stable/c/ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b"}, {"url": "https://git.kernel.org/stable/c/97d5c8f5c09a604c4873c8348f58de3cea69a7df"}], "title": "HID: pidff: Fix condition effect bit clearing", "x_generator": {"engine": "bippy-1.2.0"}}}}