CVE-2026-23349 PUBLISHED

HID: pidff: Fix condition effect bit clearing

Assigner: Linux
Reserved: 13.01.2026 Published: 25.03.2026 Updated: 25.03.2026

In the Linux kernel, the following vulnerability has been resolved:

HID: pidff: Fix condition effect bit clearing

As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared.

Properly clear all conditional effect bits from ffbit

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e to d1edc027a4b0bb4c7a2670b530590b4df6177011 (excl.)
  • affected from 7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e to ef0e669dbceaf3d7bb4ae0b235fa61feabd92b0b (excl.)
  • affected from 7f3d7bc0df4bdc23d31cf0f90b6e20c45129465e to 97d5c8f5c09a604c4873c8348f58de3cea69a7df (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.18 is affected
  • unaffected from 0 to 6.18 (excl.)
  • unaffected from 6.18.17 to 6.18.* (incl.)
  • unaffected from 6.19.7 to 6.19.* (incl.)
  • unaffected from 7.0-rc3 to * (incl.)

References