CVE-2026-31522

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the magicmouse report fixup() function. The function returns a buffer allocated via kmemdup(), but this buffer is never freed. The caller of report fixup() does not take ownership of the returned pointer, leading to the leak.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.