Linux Kernel HID Apple Memory Leak Vulnerability in Report Fixup Function

A memory leak vulnerability has been identified in the Linux kernel's HID Apple driver. The issue arises in the apple_report_fixup() function, which returns a buffer allocated with kmemdup() but fails to free it. Although the caller does not take ownership of this buffer, it can return a portion of the input report descriptor, managed by the caller's lifetime. This vulnerability affects the Linux kernel HID Apple driver in versions prior to the fix.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly freed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by using a version of the Linux kernel that includes the affected HID Apple driver. When the apple_report_fixup() function is called, it will return a newly allocated buffer without freeing it, creating a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is 239c15116d80f67d32f00acc34575f1a6b699613.