Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's Human Interface Device (HID) PIDFF (Physical Interface Device Force Feedback) handling has been addressed. The pool report, which can sometimes be inaccurate, was not refreshed before its fields were accessed, and this caused a kernel oops with the VRS DirectForce PRO device. The fix ensures the pool report is updated before any field access. In addition, the original while loop was replaced with a for loop, and the exit conditions were adjusted to reduce the risk of an infinite loop.
Exploitation of this vulnerability could lead to a system error, causing a crash or unintended behavior in the application or device using the VRS DirectForce PRO.