Description

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() `i2c_hid_xfer` is used to read `recv_len + sizeof(__le16)` bytes of data into `ihid->rawbuf`. The former can come from the userspace in the hidraw driver and is only bounded by HID_MAX_BUFFER_SIZE(16384) by default (unless we also set `max_buffer_size` field of `struct hid_ll_driver` which we do not). The latter has size determined at runtime by the maximum size of different report types you could receive on any particular device and can be a much smaller value. Fix this by truncating `recv_len` to `ihid->bufsize - sizeof(__le16)`. The impact is low since access to hidraw devices requires root.

INFO

Published Date :

2026-02-14T16:27:10.108Z

Last Modified :

2026-04-03T13:32:18.417Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23178 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23178.

URL Resource
https://git.kernel.org/stable/c/2124279f1f8c32c1646ce98e75a1a39b23b7db76 cve-icon cve-icon
https://git.kernel.org/stable/c/2497ff38c530b1af0df5130ca9f5ab22c5e92f29 cve-icon cve-icon
https://git.kernel.org/stable/c/786ec171788bdf9dda38789163f1b1fbb47f2d1e cve-icon cve-icon
https://git.kernel.org/stable/c/cff3f619fd1cb40cdd89971df9001f075613d219 cve-icon cve-icon
https://git.kernel.org/stable/c/f9c9ad89d845f88a1509e9d672f65d234425fde9 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026021428-CVE-2026-23178-ffd4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23178 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23178 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact