{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53454","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-09-17T14:54:09.754Z","datePublished":"2025-10-01T11:42:25.760Z","dateUpdated":"2026-05-11T19:45:19.148Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:45:19.148Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Correct devm device reference for hidinput input_dev name\n\nReference the HID device rather than the input device for the devm\nallocation of the input_dev name. Referencing the input_dev would lead to a\nuse-after-free when the input_dev was unregistered and subsequently fires a\nuevent that depends on the name. At the point of firing the uevent, the\nname would be freed by devres management.\n\nUse devm_kasprintf to simplify the logic for allocating memory and\nformatting the input_dev name string."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/hid-multitouch.c"],"versions":[{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"ac0d389402a6ff9ad92cea02c2d8c711483b91ab","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"39c70c19456e50dcb3abfe53539220dff0490f1d","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"df7ca43fe090e1a56c216c8ebc106ef5fd49afc6","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"15ec7cb55e7d88755aa01d44a7a1015a42bfce86","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"dde88ab4e45beb60b217026207aa9c14c88d71ab","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"2763732ec1e68910719c75b6b896e11b6d3d622b","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"1d7833db9fd118415dace2ca157bfa603dec9c8c","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"b70ac7849248ec8128fa12f86e3655ba38838f29","status":"affected","versionType":"git"},{"version":"c08d46aa805ba46d501f610c2448d07bea979780","lessThan":"4794394635293a3e74591351fff469cea7ad15a2","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/hid/hid-multitouch.c"],"versions":[{"version":"3.12","status":"affected"},{"version":"0","lessThan":"3.12","status":"unaffected","versionType":"semver"},{"version":"4.14.326","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.295","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.257","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.195","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.132","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.53","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.4.16","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5.3","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"4.14.326"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"4.19.295"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"5.4.257"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"5.10.195"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"5.15.132"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"6.1.53"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"6.4.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"6.5.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12","versionEndExcluding":"6.6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/ac0d389402a6ff9ad92cea02c2d8c711483b91ab"},{"url":"https://git.kernel.org/stable/c/39c70c19456e50dcb3abfe53539220dff0490f1d"},{"url":"https://git.kernel.org/stable/c/df7ca43fe090e1a56c216c8ebc106ef5fd49afc6"},{"url":"https://git.kernel.org/stable/c/15ec7cb55e7d88755aa01d44a7a1015a42bfce86"},{"url":"https://git.kernel.org/stable/c/dde88ab4e45beb60b217026207aa9c14c88d71ab"},{"url":"https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b"},{"url":"https://git.kernel.org/stable/c/1d7833db9fd118415dace2ca157bfa603dec9c8c"},{"url":"https://git.kernel.org/stable/c/b70ac7849248ec8128fa12f86e3655ba38838f29"},{"url":"https://git.kernel.org/stable/c/4794394635293a3e74591351fff469cea7ad15a2"}],"title":"HID: multitouch: Correct devm device reference for hidinput input_dev name","x_generator":{"engine":"bippy-1.2.0"}}}}