CVE-2026-43111
Published: May 6, 2026
Modified: Jun 1, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: HID: roccat: fix use-after-free in roccat_report_event roccat_report_event() iterates over the device->readers list without holding the readers_lock. This allows a concurrent roccat_release() to remove and free a reader while it's still being accessed, leading to a use-after-free. Protect the readers list traversal with the readers_lock mutex.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378 - < 20dca865460f7943cf70afca274b60dac371f546affected 206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378 - < 441689e3103694caa3e2d62b7d57c7bccefa5e37affected 206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378 - < 181ea51ab0f6370842c5b49cfb86824253a1189eaffected 206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378 - < e6a445513fbc6a0329d2d5ff375b6725750ec5a6affected 206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378 - < e16a6d11bd77b81632165f02cf0d5946df74b3b7+3 more versions |
Linux | Linux | affected 2.6.35unaffected 0 - < 2.6.35unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now