Home / Vulnerability Intelligence / CVE-2026-43048

CVE-2026-43048 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 3, 2026

Linux Kernel - Out of Bounds Read/Write

Published: May 1, 2026Updated: May 3, 2026

Overview

Linux kernel contains an out-of-bounds read/write vulnerability caused by improper memset() usage in hid_report_raw_event(), letting attackers potentially cause memory corruption, exploit requires crafted HID input events.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Attackers can cause out-of-bounds memory access leading to potential memory corruption or denial of service.

Mitigation

Update to the latest Linux kernel version with the memset() fix in hid_report_raw_event().

References

https://git.kernel.org/stable/c/0a3fe972a7cb1404f693d6f1711f32bc1d244b1c
https://git.kernel.org/stable/c/8f71034649738fdeb6859b8d6cddf132024fac06
https://git.kernel.org/stable/c/bd6e1d0230cca9575f5d118148f51e2a56b5373f

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-43048
Severity: High
CVSS Score: 8.8
Type: out_of_bounds_rw
Status: unconfirmed

CVSS Metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H