CVE-2026-43047 (GCVE-0-2026-43047)
Vulnerability from cvelistv5
Published
2026-05-01 14:15
Modified
2026-05-03 05:46
Summary
In the Linux kernel, the following vulnerability has been resolved: "HID: multitouch: Check to ensure report responses match the request". It is possible for a malicious (or clumsy) device to respond to a specific report's feature request using a completely different report ID. This can cause confusion in the HID core, resulting in nasty side effects such as out-of-bounds (OOB) writes. The fix adds a check to ensure that the report ID in the response matches the one that was requested. If it doesn't, the driver omits reporting the raw event and returns early.
Impacted products
Vendor Product Version
Linux Linux Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: 6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095
Version: fee906f035f0bd18ff12d84d58766c44a2ab0918


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-multitouch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "516da3f25cfe18643835af1cf09b0e9ffc36c383",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "a61163daf8a90b4a7ef154d5fc9c525f665734e3",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "74c6015375d8b9bc1b1eb79f20636c8e894bcad7",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "c7a27bb4d0f6573ca0f9c7ef0b63291486239190",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "6a4acd3e86fe5584050c213d95147eba33856033",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "7f66fdbc077faed3b52519228d21d81979e92249",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "2edc92f89eee328b5be5706b5d431bf90669e9c0",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "lessThan": "e716edafedad4952fe3a4a273d2e039a84e8681a",
              "status": "affected",
              "version": "6d4f5440a3a2bb2e9d0d582bbf98234e9e9bb095",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "fee906f035f0bd18ff12d84d58766c44a2ab0918",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/hid/hid-multitouch.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.4"
            },
            {
              "lessThan": "4.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.253",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.81",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.253",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.203",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.168",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.134",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.81",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.22",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.12",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "4.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.3.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Check to ensure report responses match the request\n\nIt is possible for a malicious (or clumsy) device to respond to a\nspecific report\u0027s feature request using a completely different report\nID.  This can cause confusion in the HID core resulting in nasty\nside-effects such as OOB writes.\n\nAdd a check to ensure that the report ID in the response, matches the\none that was requested.  If it doesn\u0027t, omit reporting the raw event and\nreturn early."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-03T05:46:22.203Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/516da3f25cfe18643835af1cf09b0e9ffc36c383"
        },
        {
          "url": "https://git.kernel.org/stable/c/a61163daf8a90b4a7ef154d5fc9c525f665734e3"
        },
        {
          "url": "https://git.kernel.org/stable/c/74c6015375d8b9bc1b1eb79f20636c8e894bcad7"
        },
        {
          "url": "https://git.kernel.org/stable/c/c7a27bb4d0f6573ca0f9c7ef0b63291486239190"
        },
        {
          "url": "https://git.kernel.org/stable/c/6a4acd3e86fe5584050c213d95147eba33856033"
        },
        {
          "url": "https://git.kernel.org/stable/c/7f66fdbc077faed3b52519228d21d81979e92249"
        },
        {
          "url": "https://git.kernel.org/stable/c/2edc92f89eee328b5be5706b5d431bf90669e9c0"
        },
        {
          "url": "https://git.kernel.org/stable/c/e716edafedad4952fe3a4a273d2e039a84e8681a"
        }
      ],
      "title": "HID: multitouch: Check to ensure report responses match the request",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-43047",
    "datePublished": "2026-05-01T14:15:42.562Z",
    "dateReserved": "2026-05-01T14:12:55.979Z",
    "dateUpdated": "2026-05-03T05:46:22.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}







Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

