A failure during force‑feedback initialization of the Logitech G920 Driving Force Racing Wheel on Linux exposes the kernel to a use‑after‑free exploit. The kernel returns an error code without properly dismantling the userspace infrastructure, allowing userspace to continue referencing the now‑freed resources. If this is not handled, a use‑after‑free will occur, potentially causing memory corruption or a crash. This is a classic use‑after‑free (CWE‑416) scenario and could enable an attacker to execute arbitrary code with kernel privileges.

The flaw resides in the Linux kernel’s HID: logitech‑hidpp driver and affects all installations that load this driver for the Logitech G920 (or similar Logitech HIDPP devices). No specific kernel release is specified in the data, so all kernels that include the unpatched version of the driver are potentially impacted.

Because the vulnerability creates a use‑after‑free (CWE‑416), a successful exploitation could lead to kernel panic or arbitrary code execution, escalating the attacker’s privileges to root. The CVSS score of 7.8 indicates high‑medium severity; the EPSS score of <1% suggests low but non‑zero exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. The nature of the flaw suggests that exploitation is likely feasible from an unprivileged local attacker who can interact with the problematic device. The likely attack vector is local, and based on the description, it is inferred that it requires physical access to the device or a compromised userspace process that can manipulate the device’s initialization sequence.