Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A memory leak vulnerability has been identified in the Linux kernel's HID magic mouse driver. The 'magicmouse_report_fixup()' function returns a buffer allocated with 'kmemdup()' that is never freed. The function's caller does not take ownership of the returned pointer, so nothing releases the copy; the function may instead return a portion of the input report descriptor, whose lifetime is managed by the caller. This vulnerability affects the Linux kernel stable tree.
The vulnerability leads to a memory leak, where allocated memory is not properly freed, potentially causing increased memory usage over time.
The vulnerability can be reproduced by using a Magic Mouse with a Linux kernel version that includes the flawed 'magicmouse_report_fixup()' function. Each call to the function leaks memory, because the buffer it returns is never freed.
Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the patched version can be found in the Linux kernel documentation.
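The ownership mismatch described above, modeled in userspace C as an added example (this is not the kernel driver's code). The names `model_kmemdup`, `fixup_leaky`, `fixup_in_place` and `leaked_after`, the descriptor bytes and the patch value are all hypothetical or constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model with hypothetical names; not the kernel driver's code. */
static int live_allocs; /* buffers allocated by a fixup and never freed */

static void *model_kmemdup(const void *src, size_t len)
{
    void *p = malloc(len);
    if (p) {
        memcpy(p, src, len);
        live_allocs++;
    }
    return p;
}

/* Leaky pattern: hands back a fresh copy that no caller will ever free. */
static uint8_t *fixup_leaky(uint8_t *rdesc, unsigned int *rsize)
{
    uint8_t *copy = model_kmemdup(rdesc + 1, *rsize - 1);
    if (!copy)
        return NULL;
    *rsize -= 1;
    copy[0] = 0x05; /* constructed patch value */
    return copy;
}

/* Leak-free pattern: patch in place, return a sub-portion of the input. */
static uint8_t *fixup_in_place(uint8_t *rdesc, unsigned int *rsize)
{
    *rsize -= 1;
    rdesc[1] = 0x05; /* constructed patch value */
    return rdesc + 1;
}

/* Caller owns only its own buffer; returns buffers leaked after n probes. */
static int leaked_after(int n, uint8_t *(*fixup)(uint8_t *, unsigned int *))
{
    static const uint8_t sample[] = { 0x00, 0x06, 0x00, 0xff, 0x09, 0x0b }; /* constructed */
    live_allocs = 0;
    for (int i = 0; i < n; i++) {
        unsigned int size = sizeof(sample);
        uint8_t *buf = malloc(size);
        if (!buf)
            return -1;
        memcpy(buf, sample, size);
        (void)fixup(buf, &size); /* borrowed pointer: used, never freed */
        free(buf);               /* the only buffer the caller owns */
    }
    return live_allocs;
}
```

With the leaky pattern the count grows by one per probe; with the in-place pattern the returned pointer lives and dies with the caller's buffer and the count stays at zero.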