5.5

CVE-2026-45863

i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()

In the Linux kernel, the following vulnerability has been resolved:

i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()

The dw_i3c_master_i2c_xfers() function allocates memory for the xfer
structure using dw_i3c_master_alloc_xfer(). If pm_runtime_resume_and_get()
fails, the function returns without freeing the allocated xfer, resulting
in a memory leak.

Add a dw_i3c_master_free_xfer() call to the error path to ensure the
allocated memory is properly freed.

Compile tested only. Issue found using a prototype static analysis tool
and code review.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.11 < 6.12.75
LinuxLinux Kernel Version >= 6.13 < 6.18.14
LinuxLinux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.05
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/140a45bd4f6db7d1b30cab967d29689b946c52fa
Patch
https://git.kernel.org/stable/c/8e71414e252c1cb235911008a98fd47927d3a55c
Patch
https://git.kernel.org/stable/c/a2c41467ef42f69a3958493a0395ba75174710dc
Patch
https://git.kernel.org/stable/c/2537089413514caaa9a5fdeeac3a34d45100f747
Patch