{"id":"CVE-2026-31625","summary":"HID: alps: fix NULL pointer dereference in alps_raw_event()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: alps: fix NULL pointer dereference in alps_raw_event()\n\nCommit ecfa6f34492c (\"HID: Add HID_CLAIMED_INPUT guards in raw_event\ncallbacks missing them\") attempted to fix up the HID drivers that had\nmissed the previous fix that was done in 2ff5baa9b527 (\"HID: appleir:\nFix potential NULL dereference at raw event handle\"), but the alps\ndriver was missed.\n\nFix this up by properly checking in the hid-alps driver that it had been\nclaimed correctly before attempting to process the raw event.","modified":"2026-05-18T05:59:52.676268745Z","published":"2026-04-24T14:42:42.481Z","related":["CGA-xrhv-c7g8-hvfm","openSUSE-SU-2026:10703-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31625.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0091dfa542a362c178a7e9393097138a57d327d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1badfc4319224820d5d890f8eab6aa52e4e83339"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4b618248d2307a219d9431a730cfe1156c8e3386"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8eed7bce7a4c41ab28ee4891103623a12fd41611"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c8cc765253ad89ccc106a7bdeb5aeac6cf963078"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ee2cb3ddfdca949dbc0c3f796ed5a439f0efc9f6"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31625.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31625"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"73196ebe134d11a68a2e27814c489d685cfc8b03"},{"fixed":"c8cc765253ad89ccc106a7bdeb5aeac6cf963078"},{"fixed":"8eed7bce7a4c41ab28ee4891103623a12fd41611"},{"fixed":"0091dfa542a362c178a7e9393097138a57d327d1"},{"fixed":"4b618248d2307a219d9431a730cfe1156c8e3386"},{"fixed":"ee2cb3ddfdca949dbc0c3f796ed5a439f0efc9f6"},{"fixed":"1badfc4319224820d5d890f8eab6aa52e4e83339"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31625.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"6.6.136"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.83"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.24"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.14"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.20.0"},{"fixed":"7.0.1"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31625.json"}}],"schema_version":"1.7.5"}