CVE-2026-23081

MEDIUM

Linux Kernel 6.13-6.18.7 - OF Node Reference Count Leak in intel-xway PHY Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call of_put_node() to correctly maintain the refcount.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/1f24dfd556401b75f78e8d9cbd94dd9f31411c3a

Patch

https://git.kernel.org/stable/c/79912b256e14054e6ba177d7e7e631485ce23dbe

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 5.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (9)

linux/Kernel 6.13.0 - 6.18.8linux

Linux/Linux < 6.13

Linux/Linux 1758af47b98c17da464cb45f476875150955dd48 - 1f24dfd556401b75f78e8d9cbd94dd9f31411c3a

Linux/Linux 1758af47b98c17da464cb45f476875150955dd48 - 79912b256e14054e6ba177d7e7e631485ce23dbe

Linux/Linux 6.13

Linux/Linux 6.18.8 - 6.18.*

Linux/Linux 6.19

linux/linux_kernel 6.19 rc1 (6 CPE variants)

linux/linux_kernel 6.13 - 6.18.8

Published Feb 04, 2026

Tracked Since Feb 18, 2026