CVE-2026-31524
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
HID: asus: avoid memory leak in asus_report_fixup()
The asus_report_fixup() function was returning a newly allocated kmemdup()-allocated buffer, but never freeing it. Switch to devm_kzalloc() to ensure the memory is managed and freed automatically when the device is removed.
The caller of report_fixup() does not take ownership of the returned pointer, but it is permitted to return a pointer whose lifetime is at least that of the input buffer.
Also fix a harmless out-of-bounds read by copying only the original descriptor size.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < 726765b43deb2b4723869d673cc5fc6f7a3b2059 | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < ede95cfcab8064d9a08813fbd7ed42cea8843dcf | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < 2e4fe6b15c2f390c023b20d728b1a3fe7ea4f973 | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < f20f17cffbe34fb330267e0f8084f5565f807444 | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < 7a6d6e4d8af044f94fa97e97af5ff2771e1fbebd | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < a41cc7c1668e44ff2c2d36f9a6353253ffc43e3c | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < 84724ac4821a160d47b84289adf139023027bdbb | affected |
| Linux | Linux | 5703e52cc711bc01e72cf12b86a126909c79d213 < 2bad24c17742fc88973d6aea526ce1353f5334a3 | affected |
| Linux | Linux | 4.14 | affected |
| Linux | Linux | 0 < 4.14 | unaffected |
| Linux | Linux | 5.10.253 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.203 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.168 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.131 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.80 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.21 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.11 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/726765b43deb2b4723869d673cc5fc6f7a3b2059
- https://git.kernel.org/stable/c/ede95cfcab8064d9a08813fbd7ed42cea8843dcf
- https://git.kernel.org/stable/c/2e4fe6b15c2f390c023b20d728b1a3fe7ea4f973
- https://git.kernel.org/stable/c/f20f17cffbe34fb330267e0f8084f5565f807444
- https://git.kernel.org/stable/c/7a6d6e4d8af044f94fa97e97af5ff2771e1fbebd
- https://git.kernel.org/stable/c/a41cc7c1668e44ff2c2d36f9a6353253ffc43e3c
- https://git.kernel.org/stable/c/84724ac4821a160d47b84289adf139023027bdbb
- https://git.kernel.org/stable/c/2bad24c17742fc88973d6aea526ce1353f5334a3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.