Description

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hid_hw_request right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of dispatch_hid_bpf_raw_requests(), which calls the struct_ops and we have no guarantees that the value makes sense.

INFO

Published Date :

2026-04-03T15:16:04.903Z

Last Modified :

2026-04-03T15:16:04.903Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31401 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31401.

URL Resource
https://git.kernel.org/stable/c/2b658c1c442ec1cd9eec5ead98d68662c40fe645 cve-icon cve-icon
https://git.kernel.org/stable/c/73c5b5aea1c443239c8cb4191b4af7a4bd6fd7b1 cve-icon cve-icon
https://git.kernel.org/stable/c/d6efaa50af62fb0790dd1fd4e7e5506b46312510 cve-icon cve-icon
https://git.kernel.org/stable/c/eb57dae20fdf6f3069cdc07821fa3bb46de381d7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026040327-CVE-2026-31401-697d@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-31401 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-31401 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact