{"id":"CVE-2026-43111","summary":"HID: roccat: fix use-after-free in roccat_report_event","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: roccat: fix use-after-free in roccat_report_event\n\nroccat_report_event() iterates over the device-\u003ereaders list without\nholding the readers_lock. This allows a concurrent roccat_release() to\nremove and free a reader while it's still being accessed, leading to a\nuse-after-free.\n\nProtect the readers list traversal with the readers_lock mutex.","modified":"2026-07-11T03:54:02.289899449Z","published":"2026-05-06T07:40:37.916Z","related":["CGA-xvwf-v76p-r8hc"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43111.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/181ea51ab0f6370842c5b49cfb86824253a1189e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/20dca865460f7943cf70afca274b60dac371f546"},{"type":"WEB","url":"https://git.kernel.org/stable/c/36bb2d0b915014bbdc5044982b31b57b78045b93"},{"type":"WEB","url":"https://git.kernel.org/stable/c/441689e3103694caa3e2d62b7d57c7bccefa5e37"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bca0b595e15450dd66b1153c76c4ef1087ee011b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d802d848308b35220f21a8025352f0c0aba15c12"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e16a6d11bd77b81632165f02cf0d5946df74b3b7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e6a445513fbc6a0329d2d5ff375b6725750ec5a6"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43111.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43111"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"206f5f2fcb5ff5bb0c60f9e9189937f3ca03e378"},{"fixed":"20dca865460f7943cf70afca274b60dac371f546"},{"fixed":"441689e3103694caa3e2d62b7d57c7bccefa5e37"},{"fixed":"181ea51ab0f6370842c5b49cfb86824253a1189e"},{"fixed":"e6a445513fbc6a0329d2d5ff375b6725750ec5a6"},{"fixed":"e16a6d11bd77b81632165f02cf0d5946df74b3b7"},{"fixed":"36bb2d0b915014bbdc5044982b31b57b78045b93"},{"fixed":"bca0b595e15450dd66b1153c76c4ef1087ee011b"},{"fixed":"d802d848308b35220f21a8025352f0c0aba15c12"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43111.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.35"},{"fixed":"5.10.258"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.209"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.175"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.136"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.83"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.24"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"6.19.14"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43111.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}