CVE-2026-31625: linux kernel vulnerability

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alps_raw_event() Commit ecfa6f34492c ("HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them") attempted to fix up the HID drivers that had missed the previous fix that was done in 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), but the alps driver was missed. Fix this up by properly checking in the hid-alps driver that it had been claimed correctly before attempting to process the raw event.
CVE-2026-31625CVSS 5.5Linux

CVE-2026-31625: linux kernel vulnerability

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alps_raw_event() Commit ecfa6f34492c ("HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them") attempted to fix up the HID drivers that had missed the previous fix that was done in 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), but the alps driver was missed. Fix this up by properly checking in the hid-alps driver that it had been claimed correctly before attempting to process the raw event.

CVSS
5.5 MEDIUM
EPSS
2.59%
Aktywnie wykorzystywana
brak w KEV
Produkt
linux kernel

Co wiadomo

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alps_raw_event() Commit ecfa6f34492c ("HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them") attempted to fix up the HID drivers that had missed the previous fix that was done in 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), but the alps driver was missed. Fix this up by properly checking in the hid-alps driver that it had been claimed correctly before attempting to process the raw event.

Źródła

Alerty bezpieczeństwa

Dostawaj alerty CVE zanim staną się incydentem

Wysyłamy wybrane zagrożenia infrastrukturalne po polsku, z praktycznym komentarzem dla środowisk DataHouse.

  • DataHouse: administracja serwerów i bezpieczna chmura
  • Hostilla.pl: hosting i usługi pocztowe
  • SecDNS.pl: bezpłatna warstwa bezpieczeństwa DNS