Updated libinput packages fix security vulnerability
Publication date: 15 Jun 2026Modification date: 15 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-50292
Description
In libinput before 1.30.4 and 1.31.x before 1.31.3,
libinput-device-group unescaped phys output can inject udev properties
leading to arbitrary root code execution
References
SRPMS
9/core
- libinput-1.23.0-2.1.mga9