CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> HID: uclogic: Correct devm device reference for hidinput input_dev name<br /> <br /> Reference the HID device rather than the input device for the devm<br /> allocation of the input_dev name. Referencing the input_dev would lead to a<br /> use-after-free when the input_dev was unregistered and subsequently fires a<br /> uevent that depends on the name. At the point of firing the uevent, the<br /> name would be freed by devres management.<br /> <br /> Use devm_kasprintf to simplify the logic for allocating memory and<br /> formatting the input_dev name string.