CVE-2026-23349

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-23349
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23349.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-23349
Downstream
Published
2026-03-25T10:27:35.443Z
Modified
2026-04-02T13:12:22.664262Z
Summary
HID: pidff: Fix condition effect bit clearing
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: pidff: Fix condition effect bit clearing

As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared.

Properly clear all conditional effect bits from ffbit

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23349.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e
Fixed
d1edc027a4b0bb4c7a2670b530590b4df6177011
Fixed
ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b
Fixed
97d5c8f5c09a604c4873c8348f58de3cea69a7df

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23349.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.18.0
Fixed
6.18.17
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.7

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23349.json"