CVE-2026-23349

high

Description

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits from ffbit

References

https://git.kernel.org/stable/c/ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b

https://git.kernel.org/stable/c/d1edc027a4b0bb4c7a2670b530590b4df6177011

https://git.kernel.org/stable/c/97d5c8f5c09a604c4873c8348f58de3cea69a7df

Details

Source: Mitre, NVD

Published: 2026-03-25

Updated: 2026-03-25

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

Severity: Low

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00017