5.5
CVE-2026-45863
- EPSS 0.16%
- Veröffentlicht 27.05.2026 12:15:42
- Zuletzt bearbeitet 25.06.2026 21:07:16
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()
In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers() The dw_i3c_master_i2c_xfers() function allocates memory for the xfer structure using dw_i3c_master_alloc_xfer(). If pm_runtime_resume_and_get() fails, the function returns without freeing the allocated xfer, resulting in a memory leak. Add a dw_i3c_master_free_xfer() call to the error path to ensure the allocated memory is properly freed. Compile tested only. Issue found using a prototype static analysis tool and code review.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.11 < 6.12.75
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.14
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.05 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/140a45bd4f6db7d1b30cab967d29689b946c52fa
https://git.kernel.org/stable/c/8e71414e252c1cb235911008a98fd47927d3a55c
https://git.kernel.org/stable/c/a2c41467ef42f69a3958493a0395ba75174710dc
https://git.kernel.org/stable/c/2537089413514caaa9a5fdeeac3a34d45100f747