5.5

CVE-2026-46109

usb: ulpi: fix memory leak on ulpi_register() error paths

In the Linux kernel, the following vulnerability has been resolved:

usb: ulpi: fix memory leak on ulpi_register() error paths

Commit 01af542392b5 ("usb: ulpi: fix double free in
ulpi_register_interface() error path") removed kfree(ulpi) from
ulpi_register_interface() to fix a double-free when device_register()
fails.

But when ulpi_of_register() or ulpi_read_id() fail before
device_register() is called, the ulpi allocation is leaked.

Add kfree(ulpi) on both error paths to properly clean up the allocation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10.253 < 5.10.258
LinuxLinux Kernel Version >= 5.15.203 < 5.15.209
LinuxLinux Kernel Version >= 6.1.168 < 6.1.175
LinuxLinux Kernel Version >= 6.6.134 < 6.6.140
LinuxLinux Kernel Version >= 6.12.81 < 6.12.88
LinuxLinux Kernel Version >= 6.18.22 < 6.18.30
LinuxLinux Kernel Version >= 6.19.12 < 7.0
LinuxLinux Kernel Version >= 7.0.1 < 7.0.7
LinuxLinux Kernel Version7.0 Update-
LinuxLinux Kernel Version7.0 Updaterc7
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/b0c0d44adb55c66663886cb6e30ee92cbb0f5385
Patch
https://git.kernel.org/stable/c/be2c1d825f54277472c87019e82013ac534ddc4c
Patch
https://git.kernel.org/stable/c/2a71e01b2cf9b4329ff67102c1bea7448c2a2d2d
Patch
https://git.kernel.org/stable/c/f30ccfc2985590b33a23a3d8bed7ca16c0af551b
Patch
https://git.kernel.org/stable/c/0b9fcab1b8608d429e5f239afb197de928d4de7d
Patch
https://git.kernel.org/stable/c/0c2c0c6820fe96fa4be0a0499f8d3f3321b9af6c
Patch
https://git.kernel.org/stable/c/7bd61ed0bf9f4f1f2673d489b3bda1555b48d054
Patch
https://git.kernel.org/stable/c/f1b855c00988a9cb41134cab7cf9faedba775dd9
Patch