CVE-2026-23164

MEDIUM

Linux kernel - Memory Corruption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rocker_world_port_post_fini() In rocker_world_port_pre_init(), rocker_port->wpriv is allocated with kzalloc(wops->port_priv_size, GFP_KERNEL). However, in rocker_world_port_post_fini(), the memory is only freed when wops->port_post_fini callback is set: if (!wops->port_post_fini) return; wops->port_post_fini(rocker_port); kfree(rocker_port->wpriv); Since rocker_ofdpa_ops does not implement port_post_fini callback (it is NULL), the wpriv memory allocated for each port is never freed when ports are removed. This leads to a memory leak of sizeof(struct ofdpa_port) bytes per port on every device removal. Fix this by always calling kfree(rocker_port->wpriv) regardless of whether the port_post_fini callback exists.

References (7)

[Patch] https://git.kernel.org/stable/c/2a3a64d75d2d0727da285749476761ebcad557a3

[Patch] https://git.kernel.org/stable/c/8ce2e85889939c02740b4245301aa5c35fc94887

[Patch] https://git.kernel.org/stable/c/8d7ba71e46216b8657a82ca2ec118bc93812a4d0

[Patch] https://git.kernel.org/stable/c/b11e6f926480ab0939fec44781f28558c54be4e7

[Patch] https://git.kernel.org/stable/c/d448bf96889f1905e740c554780f5c9fa0440566

[Patch] https://git.kernel.org/stable/c/d8723917efda3b4f4c3de78d1ec1e1af015c0be1

[Patch] https://git.kernel.org/stable/c/dce375f4afc348c310d171abcde7ec1499a4c26a

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (24)

linux/Kernel 4.6.0 - 5.10.249linux

linux/Kernel 5.11.0 - 5.15.199linux

linux/Kernel 5.16.0 - 6.1.162linux

linux/Kernel 6.13.0 - 6.18.9linux

linux/Kernel 6.2.0 - 6.6.123linux

linux/Kernel 6.7.0 - 6.12.69linux

Linux/Linux < 4.6

Linux/Linux 4.6

Linux/Linux 5.10.249 - 5.10.*

Linux/Linux 5.15.199 - 5.15.*

... and 14 more

Published Feb 14, 2026

Tracked Since Feb 18, 2026