Security Advisory

CVE-2026-31522

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-22 13:54:36
Last updated 2026-05-23 16:05:16
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmouse_report_fixup() The magicmouse_report_fixup() function was returning a newly kmemdup()-allocated buffer, but never freeing it. The caller of report_fixup() does not take ownership of the returned pointer, but it *is* permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.