CVE-2026-23160 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix memory leak in octep_device_setup() In octep_device_setup(), if octep_ctrl_net_init() fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory. Fix this by jumping to the unsupported_dev label, which performs the necessary cleanup. This aligns with the error handling logic of other paths in this function. Compile tested only. Issue found using a prototype static analysis tool and code review.

PUBLISHED Reserved 2026-01-13 | Published 2026-02-14 | Updated 2026-02-14 | Assigner Linux

Product status

Default status

unaffected

577f0d1b1c5f3282fa2011177b0af692a7c21aee (git) before 5058d3f8f17202e673f90af1446252322bd0850f

affected

577f0d1b1c5f3282fa2011177b0af692a7c21aee (git) before fdfd28e13c244d7c3345e74f339fd1b67605b694

affected

577f0d1b1c5f3282fa2011177b0af692a7c21aee (git) before d753f3c3f9d7a6e6dbb4d3a97b73007d71624551

affected

577f0d1b1c5f3282fa2011177b0af692a7c21aee (git) before 8016dc5ee19a77678c264f8ba368b1e873fa705b

affected

Default status

affected

6.4

affected

Any version before 6.4

unaffected

6.6.123 (semver)

unaffected

6.12.69 (semver)

unaffected

6.18.9 (semver)

unaffected

6.19 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5058d3f8f17202e673f90af1446252322bd0850f

git.kernel.org/...c/fdfd28e13c244d7c3345e74f339fd1b67605b694

git.kernel.org/...c/d753f3c3f9d7a6e6dbb4d3a97b73007d71624551

git.kernel.org/...c/8016dc5ee19a77678c264f8ba368b1e873fa705b

cve.org (CVE-2026-23160)

nvd.nist.gov (CVE-2026-23160)

Download JSON

help @ threatint.eu