CVE-2026-23464

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()

In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails, the function returns immediately without freeing the allocated memory for sys_controller, leading to a memory leak.

Fix this by jumping to the out_free label to ensure the memory is properly freed.

Also, consolidate the error handling for the mbox_request_channel() failure case to use the same label.

EPSS Score: 0.00122 (0.023)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Missing Release of Memory after Effective Lifetime

ADVISORY - redhat

Missing Release of Resource after Effective Lifetime


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in