Home

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_cfg() fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fix this by jumping to the out label on failure, ensuring kfree(cfg) is called before returning.

PUBLISHED Reserved 2026-01-13 | Published 2026-03-25 | Updated 2026-05-11 | Assigner Linux

Product status

Default status
unaffected

90a18c512884adb49ddc2fb30e94594169aae808 (git) before 63ee429780a5d43b5b4406c6128109b0f47cf2f1
affected

90a18c512884adb49ddc2fb30e94594169aae808 (git) before 7a648d598cb8e8c62af3f0e020a25820a3f3a9a7
affected

Default status
affected

6.19
affected

Any version before 6.19
unaffected

6.19.7 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/63ee429780a5d43b5b4406c6128109b0f47cf2f1

git.kernel.org/...c/7a648d598cb8e8c62af3f0e020a25820a3f3a9a7

cve.org (CVE-2026-23337)

nvd.nist.gov (CVE-2026-23337)

Download JSON