Linux Kernel HID: Missing HID_CLAIMED_INPUT Guard Causes Crash
CVE-2026-23382 Published on March 25, 2026
HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
In the Linux kernel, the following vulnerability has been resolved:
HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at
raw event handle"), we handle the fact that raw event callbacks
can happen even for a HID device that has not been "claimed" causing a
crash if a broken device were attempted to be connected to the system.
Fix up the remaining in-tree HID drivers that forgot to add this same
check to resolve the same issue.
Products Associated with CVE-2026-23382
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below ac83b0d91a3f4f0c012ba9c85fb99436cddb1208 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 6e330889e6c8db99f04d4feb861d23de4e8fbb13 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 892dbaf46bb738dacf1fa663eadb3712c85868f0 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 20864e3e41c74cda253a9fa6b6fe093c1461a6a9 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below 575122cd6569c4c4aa13c4c9958fea506724c788 is affected.
- Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 and below ecfa6f34492c493a9a1dc2900f3edeb01c79946b is affected.
- Version 6.1.167, <= 6.1.* is unaffected.
- Version 6.6.130, <= 6.6.* is unaffected.
- Version 6.12.77, <= 6.12.* is unaffected.
- Version 6.18.17, <= 6.18.* is unaffected.
- Version 6.19.7, <= 6.19.* is unaffected.
- Version 7.0-rc3, <= * is unaffected.