DEBIAN-CVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report(). `i2c_hid_xfer` is used to read `recv_len + sizeof(__le16)` bytes of data into `ihid->rawbuf`. The former can come from the userspace in the hidraw driver and is only bounded by HID_MAX_BUFFER_SIZE (16384) by default (unless we also set `max_buffer_size` field of `struct hid_ll_driver` which we do not). The latter has size determined at runtime by the maximum size of different report types you could receive on any particular device and can be a much smaller value. Fix this by truncating `recv_len` to `ihid->bufsize - sizeof(__le16)`. The impact is low since access to hidraw devices requires root.
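A user-space model of the length check described above, added here as an illustration and not the kernel's code. The names `model_ihid`, `model_get_report`, `unclamped_overrun` and `demo_copied` are hypothetical, the buffer sizes are constructed, and a `memset` stands in for the I2C transfer.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HID_MAX_BUFFER_SIZE 16384      /* default hidraw bound named in the advisory */
#define LEN_PREFIX sizeof(uint16_t)    /* stands in for sizeof(__le16) */

/* Hypothetical stand-in for the driver state: rawbuf holds bufsize bytes. */
struct model_ihid { uint8_t *rawbuf; size_t bufsize; };

/* Bytes a transfer of recv_len + prefix would write past rawbuf with no clamp. */
size_t unclamped_overrun(size_t bufsize, size_t recv_len)
{
    size_t want = recv_len + LEN_PREFIX;
    return want > bufsize ? want - bufsize : 0;
}

/* Clamped read: returns the payload bytes actually copied to recv_buf. */
size_t model_get_report(struct model_ihid *ihid, uint8_t *recv_buf, size_t recv_len)
{
    if (ihid->bufsize < LEN_PREFIX)
        return 0;                                /* no room even for the prefix */
    if (recv_len > ihid->bufsize - LEN_PREFIX)
        recv_len = ihid->bufsize - LEN_PREFIX;   /* truncation described in the fix */
    memset(ihid->rawbuf, 0xAB, recv_len + LEN_PREFIX);  /* stand-in for the bus transfer */
    memcpy(recv_buf, ihid->rawbuf + LEN_PREFIX, recv_len);
    return recv_len;
}

/* Allocates a model device with the given bufsize and performs one clamped read. */
size_t demo_copied(size_t bufsize, size_t recv_len)
{
    struct model_ihid ihid = { malloc(bufsize ? bufsize : 1), bufsize };
    uint8_t *out = malloc(recv_len ? recv_len : 1);   /* caller-sized buffer */
    size_t n = 0;
    if (ihid.rawbuf && out)
        n = model_get_report(&ihid, out, recv_len);
    free(ihid.rawbuf);
    free(out);
    return n;
}

int main(void)
{
    /* Constructed sizes: a 64-byte rawbuf and a maximum-size hidraw request. */
    printf("overrun without clamp: %zu\n", unclamped_overrun(64, HID_MAX_BUFFER_SIZE));
    printf("copied with clamp:     %zu\n", demo_copied(64, HID_MAX_BUFFER_SIZE));
    return 0;
}
```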
References
https://security-tracker.debian.org/tracker/CVE-2026-23178
