Skip to main content

Linux CVE-2026-23349

| EUVDEUVD-2026-15319 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-03-25 Linux GHSA-c2qc-rj55-83m4
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
5.2 MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
Apr 24, 2026 - 18:07 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 10:45 euvd
EUVD-2026-15319
Analysis Generated
Mar 25, 2026 - 10:45 vuln.today
CVE Published
Mar 25, 2026 - 10:27 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

HID: pidff: Fix condition effect bit clearing

As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared.

Properly clear all conditional effect bits from ffbit

AnalysisAI

A NULL pointer dereference vulnerability exists in the Linux kernel's HID pidff (PID force feedback) driver due to incomplete clearing of conditional effect bits from the ffbit field. This affects all Linux kernel versions using the vulnerable pidff driver code. An attacker with local access to a system with a connected force feedback HID device could trigger a kernel panic, causing a denial of service. No CVSS score, EPSS score, or active KEV status is currently available, but three stable kernel commits addressing this issue have been merged, indicating the vulnerability has been formally patched.

Technical ContextAI

The vulnerability resides in the HID (Human Interface Device) subsystem of the Linux kernel, specifically in the pidff (Parallel Input Device Force Feedback) driver module. The pidff driver manages force feedback effects for gaming controllers and similar HID devices. The root cause involves incomplete bit clearing logic in the conditional effects handling code; when the driver initializes or processes force feedback effects, it fails to clear all conditional effect bits from the ffbit (force feedback bits) field. This incomplete clearing leaves stale bit flags set, which can cause the driver to reference NULL pointers when processing force feedback state later. The affected product is the Linux kernel itself (CPE: cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*), with the vulnerability present in the HID pidff subsystem prior to the patches identified in the references.

RemediationAI

Update the Linux kernel to a version incorporating commits d1edc027a4b0bb4c7a2670b530590b4df6177011, ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b, or 97d5c8f5c09a604c4873c8348f58de3cea69a7df from the kernel stable tree. These patches are available through your Linux distribution's standard update channels (apt, yum, pacman, etc.). Most distributions have integrated these fixes into their latest kernel releases. Until patching is possible, operators can mitigate risk by disabling the pidff driver module (blacklist it in modprobe configuration) if force feedback devices are not required, or by restricting physical access to USB/HID device ports and using device authentication policies to prevent untrusted HID devices from being connected to the system. See https://git.kernel.org/stable/ for detailed patch information and commit messages.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye not-affected - -
bullseye (security) fixed 5.10.251-1 -
bookworm not-affected - -
bookworm (security) fixed 6.1.164-1 -
trixie not-affected - -
trixie (security) fixed 6.12.74-2 -
forky, sid fixed 6.19.8-1 -
(unstable) fixed 6.19.8-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-23349 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy