CVE-2026-45881

MEDIUM

soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() In svs_enable_debug_write(), the buf allocated by memdup_user_nul() is leaked if kstrtoint() fails. Fix this by using __free(kfree) to automatically free buf, eliminating the need for explicit kfree() calls and preventing leaks. [Angelo: Added missing cleanup.h inclusion]

Scores

CVSS v3 5.5
EPSS 0.0016
EPSS Percentile 5.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-401
Status published
Products (20)
linux/Kernel 6.0.0 - 6.1.165linux
linux/Kernel 6.13.0 - 6.18.14linux
linux/Kernel 6.19.0 - 6.19.4linux
linux/Kernel 6.2.0 - 6.6.128linux
linux/Kernel 6.7.0 - 6.12.75linux
Linux/Linux < 6.0
Linux/Linux 13f1bbcfb5822fcaacfc652017b57b79ffcacefa - 06195456c4e4de3826c4ca60eca941c472f991d0
Linux/Linux 13f1bbcfb5822fcaacfc652017b57b79ffcacefa - 0f6498077faa9cd89bb787bcc57063494a6f0601
Linux/Linux 13f1bbcfb5822fcaacfc652017b57b79ffcacefa - 47a3e372f7d68776adb749a27c0ec9058ff1b4fd
Linux/Linux 13f1bbcfb5822fcaacfc652017b57b79ffcacefa - 6259094ee806fb813ca95894c65fb80e2ec98bf1
... and 10 more
Published May 27, 2026
Tracked Since May 27, 2026