CVE-2026-31524

Summary

In the Linux kernel, the following vulnerability has been resolved:

HID: asus: avoid memory leak in asus_report_fixup()

The asus_report_fixup() function was returning a newly allocated kmemdup()-allocated buffer, but never freeing it. Switch to devm_kzalloc() to ensure the memory is managed and freed automatically when the device is removed.

The caller of report_fixup() does not take ownership of the returned pointer, but it is permitted to return a pointer whose lifetime is at least that of the input buffer.

Also fix a harmless out-of-bounds read by copying only the original descriptor size.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < 726765b43deb2b4723869d673cc5fc6f7a3b2059affected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < ede95cfcab8064d9a08813fbd7ed42cea8843dcfaffected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < 2e4fe6b15c2f390c023b20d728b1a3fe7ea4f973affected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < f20f17cffbe34fb330267e0f8084f5565f807444affected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < 7a6d6e4d8af044f94fa97e97af5ff2771e1fbebdaffected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < a41cc7c1668e44ff2c2d36f9a6353253ffc43e3caffected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < 84724ac4821a160d47b84289adf139023027bdbbaffected
LinuxLinux5703e52cc711bc01e72cf12b86a126909c79d213 < 2bad24c17742fc88973d6aea526ce1353f5334a3affected
LinuxLinux4.14affected
LinuxLinux0 < 4.14unaffected
LinuxLinux5.10.253 <= 5.10.*unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.168 <= 6.1.*unaffected
LinuxLinux6.6.131 <= 6.6.*unaffected
LinuxLinux6.12.80 <= 6.12.*unaffected
LinuxLinux6.18.21 <= 6.18.*unaffected
LinuxLinux6.19.11 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References