CVE-2023-53454
Published: Oct 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput input_dev name Reference the HID device rather than the input device for the devm allocation of the input_dev name. Referencing the input_dev would lead to a use-after-free when the input_dev was unregistered and subsequently fires a uevent that depends on the name. At the point of firing the uevent, the name would be freed by devres management. Use devm_kasprintf to simplify the logic for allocating memory and formatting the input_dev name string.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c08d46aa805ba46d501f610c2448d07bea979780 - < ac0d389402a6ff9ad92cea02c2d8c711483b91abaffected c08d46aa805ba46d501f610c2448d07bea979780 - < 39c70c19456e50dcb3abfe53539220dff0490f1daffected c08d46aa805ba46d501f610c2448d07bea979780 - < df7ca43fe090e1a56c216c8ebc106ef5fd49afc6affected c08d46aa805ba46d501f610c2448d07bea979780 - < 15ec7cb55e7d88755aa01d44a7a1015a42bfce86affected c08d46aa805ba46d501f610c2448d07bea979780 - < dde88ab4e45beb60b217026207aa9c14c88d71ab+4 more versions |
Linux | Linux | affected 3.12unaffected 0 - < 3.12unaffected 4.14.326 - <= 4.14.*unaffected 4.19.295 - <= 4.19.*unaffected 5.4.257 - <= 5.4.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now