Description

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This can be used to crash the kernel over USB.

INFO

Published Date :

2026-05-06T11:27:22.892Z

Last Modified :

2026-05-07T17:14:23.814Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43136 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43136.

URL Resource
https://git.kernel.org/stable/c/1547d41f9f19d691c2c9ce4c29f746297baef9e9 cve-icon cve-icon
https://git.kernel.org/stable/c/1acb28123e57b50d737377f400f57eec889fe5e4 cve-icon cve-icon
https://git.kernel.org/stable/c/2dc023dbc11b8dfa8afa63242762acd8cddcad03 cve-icon cve-icon
https://git.kernel.org/stable/c/7f59999fcd699af06ad2aef446a635ea6aa87db3 cve-icon cve-icon
https://git.kernel.org/stable/c/ae81fac9ce81917817d787e6b74e68482d99bdf2 cve-icon cve-icon
https://git.kernel.org/stable/c/b74bf7d0d01fa9b53653f58c29aa00772121f6e9 cve-icon cve-icon
https://git.kernel.org/stable/c/f1ceaaf93ea32d0f2b95c95f784ee155962c52ad cve-icon cve-icon
https://git.kernel.org/stable/c/fb1725c0804dbec9dd01c4cb5c9f1f77a69e36dc cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050623-CVE-2026-43136-99fb@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43136 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43136 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact