CVE-2026-23382Missing Lock Check in Linux

CWE-414Missing Lock Check9 documents8 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), we handle the fact that raw event callbacks can happen even for a HID device that has not been "claimed" causing a crash if a broken device were attempted to be connected to the system. Fix up the remaining in-tree HID drivers that forgot to add this same check to r

Affected Packages3 packages

Linuxlinux/linux_kernel2.6.356.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linuxd0742abaa1c396a26bb3d3ce2732988cd3faa020ac83b0d91a3f4f0c012ba9c85fb99436cddb1208+6

🔴Vulnerability Details

4
CVEList
HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them2026-03-25
OSV
HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them2026-03-25
GHSA
GHSA-22m9-9vqx-v8ww: In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit2026-03-25
OSV
CVE-2026-23382: In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2f2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them2026-03-25
Microsoft
HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them2026-03-10
Debian
CVE-2026-23382: linux - In the Linux kernel, the following vulnerability has been resolved: HID: Add HI...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23382 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23382 — Missing Lock Check in Linux | cvebase