CVE-2026-23301

MEDIUM

ASoC: SDCA: Add allocation failure check for Entity name

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently find_sdca_entity_iot() can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation.

Scores

CVSS v3 5.5
EPSS 0.0011
EPSS Percentile 1.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-252
Status published
Products (10)
linux/Kernel 6.19.0 - 6.19.7linux
Linux/Linux < 6.19
Linux/Linux 48fa77af2f4a55ab961520f2a0e50560dc0baca8 - 27990181031fdcdbe0f7c46011f6404e5d116386
Linux/Linux 48fa77af2f4a55ab961520f2a0e50560dc0baca8 - bdcc10a86055beb7109a786d94abf5626f375bbd
Linux/Linux 6.19
Linux/Linux 6.19.7 - 6.19.*
Linux/Linux 7.0
Linux/Linux 7.0-rc3
linux/linux_kernel 7.0 rc1 (2 CPE variants)
linux/linux_kernel 6.19 - 6.19.7
Published Mar 25, 2026
Tracked Since Mar 25, 2026