CVE-2026-23349

MEDIUM

HID: pidff: Fix condition effect bit clearing

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit

References (3)

https://git.kernel.org/stable/c/d1edc027a4b0bb4c7a2670b530590b4df6177011

https://git.kernel.org/stable/c/ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b

https://git.kernel.org/stable/c/97d5c8f5c09a604c4873c8348f58de3cea69a7df

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 3.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (14)

linux/Kernel 6.18.0 - 6.18.17linux

linux/Kernel 6.19.0 - 6.19.7linux

Linux/Linux < 6.18

Linux/Linux 6.18

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

Linux/Linux 7.0

Linux/Linux 7.0-rc3

Linux/Linux 7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e - 97d5c8f5c09a604c4873c8348f58de3cea69a7df

Linux/Linux 7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e - d1edc027a4b0bb4c7a2670b530590b4df6177011

... and 4 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026