PT-2026-37421 · Linux · Linux Kernel

Published

2026-05-06

·

Updated

2026-05-26

·

CVE-2026-43111

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free issue exists in the HID Roccat component. The roccat report event() function iterates over the device->readers list without holding the readers lock mutex. This allows a concurrent roccat release() function to remove and free a reader while it is still being accessed.
Recommendations Protect the readers list traversal by using the readers lock mutex.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-43111

Affected Products

Linux Kernel