{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "73196ebe134d11a68a2e27814c489d685cfc8b03"
            },
            {
              "fixed": "56850666bb5dcf7a13d76c5d02864813e17ee537"
            },
            {
              "fixed": "72516a8d7fe247fd895424bab87952f105a0c255"
            },
            {
              "fixed": "cc411e4823d8bfa23327d9989a0fa4e0ce76aebe"
            },
            {
              "fixed": "c8cc765253ad89ccc106a7bdeb5aeac6cf963078"
            },
            {
              "fixed": "8eed7bce7a4c41ab28ee4891103623a12fd41611"
            },
            {
              "fixed": "0091dfa542a362c178a7e9393097138a57d327d1"
            },
            {
              "fixed": "4b618248d2307a219d9431a730cfe1156c8e3386"
            },
            {
              "fixed": "ee2cb3ddfdca949dbc0c3f796ed5a439f0efc9f6"
            },
            {
              "fixed": "1badfc4319224820d5d890f8eab6aa52e4e83339"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Linux",
        "name": "Kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.15.0"
            },
            {
              "fixed": "5.10.258"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "5.11.0"
            },
            {
              "fixed": "5.15.209"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "5.16.0"
            },
            {
              "fixed": "6.1.175"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.2.0"
            },
            {
              "fixed": "6.6.136"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.7.0"
            },
            {
              "fixed": "6.12.83"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.13.0"
            },
            {
              "fixed": "6.18.24"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.19.0"
            },
            {
              "fixed": "6.19.14"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.20.0"
            },
            {
              "fixed": "7.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31625.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: alps: fix NULL pointer dereference in alps_raw_event()\n\nCommit ecfa6f34492c (\"HID: Add HID_CLAIMED_INPUT guards in raw_event\ncallbacks missing them\") attempted to fix up the HID drivers that had\nmissed the previous fix that was done in 2ff5baa9b527 (\"HID: appleir:\nFix potential NULL dereference at raw event handle\"), but the alps\ndriver was missed.\n\nFix this up by properly checking in the hid-alps driver that it had been\nclaimed correctly before attempting to process the raw event.",
  "id": "CVE-2026-31625",
  "modified": "2026-07-08T05:37:16.177576653Z",
  "published": "2026-04-24T14:42:42.481Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0091dfa542a362c178a7e9393097138a57d327d1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1badfc4319224820d5d890f8eab6aa52e4e83339"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4b618248d2307a219d9431a730cfe1156c8e3386"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/56850666bb5dcf7a13d76c5d02864813e17ee537"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/72516a8d7fe247fd895424bab87952f105a0c255"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8eed7bce7a4c41ab28ee4891103623a12fd41611"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c8cc765253ad89ccc106a7bdeb5aeac6cf963078"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cc411e4823d8bfa23327d9989a0fa4e0ce76aebe"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ee2cb3ddfdca949dbc0c3f796ed5a439f0efc9f6"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31625.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31625"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.5",
  "summary": "HID: alps: fix NULL pointer dereference in alps_raw_event()"
}