VYPR
Medium severity (5.5) · NVD Advisory · Published Apr 22, 2026 · Updated Apr 28, 2026

CVE-2026-31522

Description

In the Linux kernel, the following vulnerability has been resolved:

HID: magicmouse: avoid memory leak in magicmouse_report_fixup()

The magicmouse_report_fixup() function was returning a newly kmemdup()-allocated buffer, but never freeing it.

The caller of report_fixup() does not take ownership of the returned pointer, but it *is* permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.
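To make the ownership contract concrete, here is an added user-space model (not kernel code, and not the magicmouse driver's actual patch, which this page does not show). kmemdup()/kfree() are replaced by malloc()/free() behind a live-buffer counter so the leak becomes a number; the descriptor bytes, the "fix" the hook applies and the hook names are all constructed for the example. It contrasts a hook that returns a fresh copy the core never frees with one that edits the caller's buffer in place and returns a sub-portion of it, which is what the commit message says the contract permits.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Constructed user-space model of the HID report_fixup() ownership contract.
 * kmemdup()/kfree() are stood in for by malloc()/free() wrapped in a counter,
 * so a leak shows up as a non-zero number. Not kernel code, not the real fix.
 */

static unsigned long outstanding_allocs; /* live buffers, as kmemleak would count them */

static unsigned char *model_kmemdup(const unsigned char *src, unsigned int len)
{
    unsigned char *p = malloc(len);
    if (!p)
        return NULL;
    memcpy(p, src, len);
    outstanding_allocs++;
    return p;
}

static void model_kfree(unsigned char *p)
{
    if (p) {
        free(p);
        outstanding_allocs--;
    }
}

/* Shape of the hook: may edit rdesc in place or return a slice of it. */
typedef const unsigned char *(*report_fixup_fn)(unsigned char *rdesc, unsigned int *rsize);

/* Leaky hook (the pattern described in the commit message): copies the
 * descriptor, patches the copy and returns it. The core does not take
 * ownership and never frees the copy, so every probe leaks one buffer. */
static const unsigned char *leaky_report_fixup(unsigned char *rdesc, unsigned int *rsize)
{
    unsigned char *copy = model_kmemdup(rdesc, *rsize);
    if (!copy)
        return rdesc;
    copy[*rsize - 1] = 0xc0; /* constructed "fix": force a trailing End Collection */
    return copy;
}

/* Contract-respecting hook: patch in place and return a sub-portion of the
 * caller's buffer (here: skip a leading 3-byte vendor Usage Page item).
 * Nothing is allocated, so nothing can leak. */
static const unsigned char *inplace_report_fixup(unsigned char *rdesc, unsigned int *rsize)
{
    rdesc[*rsize - 1] = 0xc0;
    if (*rsize > 3 && rdesc[0] == 0x06) {
        *rsize -= 3;
        return rdesc + 3;
    }
    return rdesc;
}

/* Models the HID core across N device probes: it allocates the raw
 * descriptor, hands it to the hook, consumes the result and frees only the
 * buffer it allocated itself. Returns how many buffers leaked. */
static unsigned long simulate_probes(report_fixup_fn fixup, unsigned int probes)
{
    /* Constructed descriptor: vendor Usage Page, Usage Page (Generic Desktop),
     * Usage (Mouse), then a deliberately wrong last byte for the hook to patch. */
    static const unsigned char desc_template[] = { 0x06, 0x00, 0xff, 0x05, 0x01, 0x09, 0x02, 0x00 };
    unsigned long before = outstanding_allocs;

    for (unsigned int i = 0; i < probes; i++) {
        unsigned int rsize = sizeof(desc_template);
        unsigned char *rdesc = model_kmemdup(desc_template, rsize);
        const unsigned char *fixed;
        if (!rdesc)
            break;
        fixed = fixup(rdesc, &rsize);
        (void)fixed; /* the core would parse `fixed` here; it is valid until rdesc is freed */
        model_kfree(rdesc);
    }
    return outstanding_allocs - before;
}

/* Checks that the in-place hook really returns a slice of the caller's buffer. */
static int inplace_returns_slice(void)
{
    unsigned char buf[8] = { 0x06, 0x00, 0xff, 0x05, 0x01, 0x09, 0x02, 0x00 };
    unsigned int sz = sizeof(buf);
    const unsigned char *r = inplace_report_fixup(buf, &sz);
    return r == buf + 3 && sz == 5 && r[sz - 1] == 0xc0;
}

int main(void)
{
    printf("leaky hook:    %lu buffers leaked over 100 probes\n", simulate_probes(leaky_report_fixup, 100));
    printf("in-place hook: %lu buffers leaked over 100 probes\n", simulate_probes(inplace_report_fixup, 100));
    return 0;
}
```

The counter is the point: the core frees exactly what it allocated, so a hook that wants a different descriptor has to either modify the caller's buffer or return a pointer into it; a private kmemdup() copy that is returned has no owner left to free it.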

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory leak in the Linux kernel's HID magicmouse driver allows a local attacker to exhaust system memory by repeatedly connecting a malicious HID device.

Vulnerability

Overview

The magicmouse_report_fixup() function in the Linux kernel's HID magicmouse driver contains a memory leak. The function allocates a new buffer via kmemdup() but never frees it, as the caller does not take ownership of the returned pointer. The caller is permitted to return a sub-portion of the input report descriptor, whose lifetime is managed by the caller, but the newly allocated buffer is orphaned [1][2][3][4].

Exploitation

An attacker with physical access or the ability to connect a malicious HID device can trigger the vulnerable code path during device initialization. No authentication is required, and the attack can be repeated to gradually exhaust kernel memory, leading to a denial-of-service condition.

Impact

Successful exploitation results in a memory leak that can cause system memory exhaustion over time, potentially leading to system instability or crash. The CVSS v3 base score is 5.5 (Medium), reflecting the need for local access and the availability impact.

Mitigation

The fix has been applied to the Linux kernel stable tree and is available in multiple stable kernel updates [1][2][3][4]. Users should update their kernel to a version containing the patch to remediate the vulnerability.

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (3)

  • Linux/Kernel, 3 versions:
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (range: >=5.15.17, <5.15.203)
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*

Patches (0)

No patches discovered yet.


References (7)
