CVE-2026-31522

MEDIUM EPSS 2.4%
Published Apr 22, 20262mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 22, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmouse_report_fixup() The magicmouse_report_fixup() function was returning a newly kmemdup()-allocated buffer, but never freeing it. The caller of report_fixup() does not take ownership of the returned pointer, but it *is* permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥5.15.17  –  <5.15.203
linuxlinux_kernel*≥5.16.3  –  <5.17
linuxlinux_kernel*≥5.17  –  <6.1.168
linuxlinux_kernel*≥6.2  –  <6.6.131
linuxlinux_kernel*≥6.7  –  <6.12.80
linuxlinux_kernel*≥6.13  –  <6.18.21
linuxlinux_kernel*≥6.19  –  <6.19.11
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/136f605e246b4bfe7ac2259471d1ff814aed0084
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/579c4c9857acdc8380fa99803f355f878bd766cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79e5dcc95d9abed6f8203cfd529f4ec71f0e505d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7edfe4346b052b708645d0acc0f186425766b785
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/91e8c6e601bdc1ccdf886479b6513c01c7e51c2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d84c21aabaab517b9aaf9bc1d785922cb9db2f31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa95b0146358b49f9858139b67314591fd5871b0
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/136f605e246b4bfe7ac2259471d1ff814aed0084
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/579c4c9857acdc8380fa99803f355f878bd766cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/79e5dcc95d9abed6f8203cfd529f4ec71f0e505d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7edfe4346b052b708645d0acc0f186425766b785
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/91e8c6e601bdc1ccdf886479b6513c01c7e51c2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d84c21aabaab517b9aaf9bc1d785922cb9db2f31
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fa95b0146358b49f9858139b67314591fd5871b0
    Patch