HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them

Summary

CVE	CVE-2026-23382
State	PUBLISHED
Assigner	Linux
Source Priority	CVE Program / NVD first with legacy fallback
Published	2026-03-25 11:16:38 UTC
Updated	2026-04-18 09:16:22 UTC
Description	In the Linux kernel, the following vulnerability has been resolved: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them In commit 2ff5baa9b527 ("HID: appleir: Fix potential NULL dereference at raw event handle"), we handle the fact that raw event callbacks can happen even for a HID device that has not been "claimed" causing a crash if a broken device were attempted to be connected to the system. Fix up the remaining in-tree HID drivers that forgot to add this same check to resolve the same issue.

Risk And Classification

EPSS: 0.000320000 probability, percentile 0.090980000 (date 2026-04-18)

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 b48284d7f0f76023b215a3409cdc989b5081eadf git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 de316c1edf15bc30ff5e0d4c7b37c70fd41cf319 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 ac83b0d91a3f4f0c012ba9c85fb99436cddb1208 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 6e330889e6c8db99f04d4feb861d23de4e8fbb13 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 892dbaf46bb738dacf1fa663eadb3712c85868f0 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 20864e3e41c74cda253a9fa6b6fe093c1461a6a9 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 575122cd6569c4c4aa13c4c9958fea506724c788 git	Not specified
CNA	Linux	Linux	affected d0742abaa1c396a26bb3d3ce2732988cd3faa020 ecfa6f34492c493a9a1dc2900f3edeb01c79946b git	Not specified
CNA	Linux	Linux	affected 2.6.35	Not specified
CNA	Linux	Linux	unaffected 2.6.35 semver	Not specified
CNA	Linux	Linux	unaffected 5.10.253 5.10.* semver	Not specified
CNA	Linux	Linux	unaffected 5.15.203 5.15.* semver	Not specified
CNA	Linux	Linux	unaffected 6.1.167 6.1.* semver	Not specified
CNA	Linux	Linux	unaffected 6.6.130 6.6.* semver	Not specified
CNA	Linux	Linux	unaffected 6.12.77 6.12.* semver	Not specified
CNA	Linux	Linux	unaffected 6.18.17 6.18.* semver	Not specified
CNA	Linux	Linux	unaffected 6.19.7 6.19.* semver	Not specified
CNA	Linux	Linux	unaffected 7.0 * original_commit_for_fix	Not specified

References

Reference	Source	Link	Tags
git.kernel.org/stable/c/ac83b0d91a3f4f0c012ba9c85fb99436cddb1208	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/892dbaf46bb738dacf1fa663eadb3712c85868f0	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/6e330889e6c8db99f04d4feb861d23de4e8fbb13	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/575122cd6569c4c4aa13c4c9958fea506724c788	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/b48284d7f0f76023b215a3409cdc989b5081eadf	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/ecfa6f34492c493a9a1dc2900f3edeb01c79946b	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/20864e3e41c74cda253a9fa6b6fe093c1461a6a9	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
git.kernel.org/stable/c/de316c1edf15bc30ff5e0d4c7b37c70fd41cf319	416baaa9-dc9f-4396-8d5f-8c081fb06d67	git.kernel.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.