CVE-2026-43051 - Vulnerability Analysis
High | CVSS: 8.1 | Last Updated: May 3, 2026
Linux Kernel - Out-of-Bounds Read
Published: May 1, 2026 | Updated: May 3, 2026
Overview
The Linux kernel contains an out-of-bounds read vulnerability in the wacom_intuos_bt_irq function, caused by insufficient bounds checking of Bluetooth HID reports. An attacker can trigger a memory read beyond the buffer limits; exploitation requires a crafted short report.
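The kind of check the Overview describes as missing, shown as an added example (not the kernel's code or the actual patch): a handler that compares a report's length with what its report ID requires before reading any field. The report IDs, layout and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical report layout for illustration only; not the Wacom driver's. */
#define REPORT_ID_SINGLE 0x03  /* 1 ID byte + one 10-byte sample  */
#define REPORT_ID_DOUBLE 0x04  /* 1 ID byte + two 10-byte samples */
#define SAMPLE_LEN 10

struct parsed { int samples; uint8_t sample[2][SAMPLE_LEN]; };

/* Minimum total length each report ID needs before any field is read. */
static size_t min_len_for(uint8_t id)
{
    switch (id) {
    case REPORT_ID_SINGLE: return 1 + SAMPLE_LEN;
    case REPORT_ID_DOUBLE: return 1 + 2 * SAMPLE_LEN;
    default:               return 0;  /* unknown ID */
    }
}

/* Returns 0 on success, -1 if the report is empty, unknown or too short. */
int parse_report(const uint8_t *data, size_t len, struct parsed *out)
{
    if (len == 0)
        return -1;                    /* not even an ID byte to dispatch on */
    size_t need = min_len_for(data[0]);
    if (need == 0 || len < need)
        return -1;                    /* short report: reject before any copy */
    out->samples = (int)((need - 1) / SAMPLE_LEN);
    for (int i = 0; i < out->samples; i++)
        memcpy(out->sample[i], data + 1 + (size_t)i * SAMPLE_LEN, SAMPLE_LEN);
    return 0;
}

/* Constructed input: a zero-filled buffer with the given ID, claimed length len. */
int demo(uint8_t id, size_t len)
{
    uint8_t buf[1 + 2 * SAMPLE_LEN] = { id };
    struct parsed p;
    return parse_report(buf, len, &p);
}

int main(void)
{
    printf("full=%d short=%d\n", demo(REPORT_ID_DOUBLE, 21), demo(REPORT_ID_DOUBLE, 5));
    return 0;
}
```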
Severity & Score
Severity: High
CVSS Score: 8.1
Impact
Attackers can cause out-of-bounds memory reads, potentially leading to information disclosure or system instability.
Mitigation
Update to the latest Linux kernel version containing the fix.
References
- https://git.kernel.org/stable/c/41026bcc0fdf82605205c27935ef719cbc07193b
- https://git.kernel.org/stable/c/5b5b9730111808410e404ceac2fabd32eef92fbd
- https://git.kernel.org/stable/c/8bd690ac1242332c73cba10dacdad6c6642bbb94
- https://git.kernel.org/stable/c/c8dc23c97680eebefde06da5858aaef1b37cf75d
- https://git.kernel.org/stable/c/d0ae84b3c9f3ea1a564eb1b7612113ca9fe8aada
- https://git.kernel.org/stable/c/fa8901cb1f0b2113a342db93bd5684b59fe99dcf
- https://git.kernel.org/stable/c/2f1763f62909ccb6386ac50350fa0abbf5bb16a9
- https://git.kernel.org/stable/c/3d78386b144453c47e81bf62dc3601b757f02d99
Details
- CVE ID: CVE-2026-43051
- Severity: High
- CVSS Score: 8.1
- Type: out_of_bounds_rw
- Status: unconfirmed
CVSS Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H