PT-2026-30184 · Linux · Linux Kernel

Published

2026-03-13

·

Updated

2026-06-15

·

CVE-2026-31401

CVSS v4.0

8.4

High

VectorAV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description The Linux kernel contains a flaw within the HID subsystem's BPF functionality. Specifically, the hid hw request function does not adequately validate the return value from dispatch hid bpf raw requests(), which utilizes struct operations. This can lead to a buffer overflow if the return value is unexpectedly large, potentially occurring when interacting with HID-BPF.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-05765
CVE-2026-31401
OPENSUSE-SU-2026:20965-1
SUSE-SU-2026:22099-1
SUSE-SU-2026:22112-1
SUSE-SU-2026:22127-1

Affected Products

Linux Kernel