CVE-2026-23349 — Access of Uninitialized Pointer in Linux

CWE-824 — Access of Uninitialized Pointer8 documents7 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 94.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel

Timeline

PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit

Affected Packages3 packages

▶Linuxlinux/linux_kernel6.18.0 — 6.18.17+1

▶Debianlinux/linux_kernel< 6.19.8-1

▶CVEListV5linux/linux7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e — d1edc027a4b0bb4c7a2670b530590b4df6177011+3

🔴Vulnerability Details

OSV

HID: pidff: Fix condition effect bit clearing↗2026-03-25

▶

GHSA

GHSA-c2qc-rj55-83m4: In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discor↗2026-03-25

▶

CVEList

HID: pidff: Fix condition effect bit clearing↗2026-03-25

▶

OSV

CVE-2026-23349: In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord,↗2026-03-25

▶

📋Vendor Advisories

Red Hat

kernel: HID: pidff: Fix condition effect bit clearing↗2026-03-25

▶

Debian

CVE-2026-23349: linux - In the Linux kernel, the following vulnerability has been resolved: HID: pidff:...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23349 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶