In the Linux kernel, the following vulnerability has been resolved:
HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
Do not crash when a report has no fields.
Fake USB gadgets can send their own HID report descriptors and can define report
structures without valid fields. This can be used to crash the kernel over USB.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Linux |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|
References
History
Wed, 06 May 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-20 |
Wed, 06 May 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB. | |
| Title | HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() | |
| First Time appeared |
Linux
Linux linux Kernel |
|
| CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Linux
Linux linux Kernel |
|
| References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published:
Updated: 2026-05-06T11:27:22.892Z
Reserved: 2026-05-01T14:12:55.988Z
Link: CVE-2026-43136
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-05-06T12:16:30.880
Modified: 2026-05-06T13:07:51.607
Link: CVE-2026-43136
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-05-06T14:00:06Z