CVE-2026-31524

UNKNOWN 0.0

HID: asus: avoid memory leak in asus_report_fixup()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asus_report_fixup() The asus_report_fixup() function was returning a newly allocated kmemdup()-allocated buffer, but never freeing it. Switch to devm_kzalloc() to ensure the memory is managed and freed automatically when the device is removed. The caller of report_fixup() does not take ownership of the returned pointer, but it is permitted to return a pointer whose lifetime is at least that of the input buffer. Also fix a harmless out-of-bounds read by copying only the original descriptor size.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 726765b43deb2b4723869d673cc5fc6f7a3b2059 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < ede95cfcab8064d9a08813fbd7ed42cea8843dcf 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2e4fe6b15c2f390c023b20d728b1a3fe7ea4f973 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < f20f17cffbe34fb330267e0f8084f5565f807444 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7a6d6e4d8af044f94fa97e97af5ff2771e1fbebd 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < a41cc7c1668e44ff2c2d36f9a6353253ffc43e3c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 84724ac4821a160d47b84289adf139023027bdbb 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2bad24c17742fc88973d6aea526ce1353f5334a3

Linux / Linux

All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗