CVE-2026-23382

HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them

Description

In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), we handle the fact that raw event callbacks can happen even for a HID device that has not been "claimed" causing a crash if a broken device were attempted to be connected to the system. Fix up the remaining in-tree HID drivers that forgot to add this same check to resolve the same issue.

INFO

Published Date :

2026-03-25T10:28:01.040Z

Last Modified :

2026-04-18T08:58:24.172Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2026-23382 vulnerability.

Vendors	Products
Linux	Linux Kernel

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23382.

URL	Resource
https://git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6fe093c1461a6a9
https://git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958fea506724c788
https://git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861d23de4e8fbb13
https://git.kernel.org/stable/c/892dbaf46bb738dacf1fa663eadb3712c85868f0
https://git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb99436cddb1208
https://git.kernel.org/stable/c/b48284d7f0f76023b215a3409cdc989b5081eadf
https://git.kernel.org/stable/c/de316c1edf15bc30ff5e0d4c7b37c70fd41cf319
https://git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3edeb01c79946b
https://lore.kernel.org/linux-cve-announce/2026032543-CVE-2026-23382-26fe@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-23382
https://www.cve.org/CVERecord?id=CVE-2026-23382

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact