CVE-2026-43251

Source
https://cve.org/CVERecord?id=CVE-2026-43251
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43251.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43251
Downstream
Published
2026-05-06T11:28:41.835Z
Modified
2026-06-18T03:55:52.459603607Z
Summary
HID: prodikeys: Check presence of pm->input_ep82
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: prodikeys: Check presence of pm->input_ep82

Fake USB devices can send their own report descriptors for which the inputmapping() hook does not get called. In this case, pm->inputep82 stays NULL, which leads to a crash later.

This does not happen with the real device, but can be provoked by imposing as one.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43251.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3a370ca1dcf8c80aff7a0a21d6b0f50ca2a151e9
Fixed
f580c79683356632f12f2c2029f2fe936d953aa1
Fixed
ee572578f09f0e743e9383393a75c3a7a0f9b4c2
Fixed
edccbf7d6dc05d692bde3a89de5a4001f72a0fa4
Fixed
3f1b21cc67a15d7d081378a9b8747dd000a017b8
Fixed
e7ac1cd823cd2e9fcbd5cb0b261d6d35dbb79341
Fixed
d5512ce892f774d37c53082adadfcad04f21b50e
Fixed
d08f35f843881ec504d7537a9bb728a073db3366
Fixed
cee8337e1bad168136aecfe6416ecd7d3aa7529a

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43251.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.35
Fixed
5.10.252
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.202
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43251.json"