CVE-2026-31520

In the Linux kernel, the following vulnerability has been resolved:

HID: apple: avoid memory leak in apple_report_fixup()

The apple_report_fixup() function was returning a
newly kmemdup()-allocated buffer, but never freeing it.

The caller of report_fixup() does not take ownership of the returned
pointer, but it *is* permitted to return a sub-portion of the input
rdesc, whose lifetime is managed by the caller.

More information : https://git.kernel.org/stable/c/239c15116d80f67d32f00acc34575f1a6b699613