In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm->input_ep82 Fake USB devices can send their own report descriptors for which the input_mapping() hook does not get called. In this case, pm->input_ep82 stays NULL, which leads to a crash later. This does not happen with the real device, but can be provoked by imposing as one.

A flaw was found in the Linux kernel's Human Interface Device (HID) prodikeys driver. A local attacker can exploit this vulnerability by connecting a specially crafted Universal Serial Bus (USB) device. This device can send a malicious report descriptor, bypassing a necessary check and causing a null pointer dereference. This issue can lead to a system crash, resulting in a Denial of Service (DoS).

Red Hat acknowledges the upstream Linux kernel correction for «HID» as described in COMMENT_ZERO. Fixes are delivered through standard kernel errata for supported products. Operational exposure depends on whether this subsystem or driver is active in your configuration. Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Fix deferred kernel Red Hat Enterprise Linux 7 Fix deferred kernel-rt Red Hat Enterprise Linux 8 Fix deferred kernel Red Hat Enterprise Linux 8 Fix deferred kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-43251 https://nvd.nist.gov/vuln/detail/CVE-2026-43251 https://lore.kernel.org/linux-cve-announce/2026050603-CVE-2026-43251-1276@gregkh/T