CVE-2026-23182

Vulnerability

In the Linux kernel's SPI Tegra driver, the function tegra_slink_probe() allocates resources but fails to free them if platform_get_irq() returns an error. Instead of jumping to cleanup code, it returns immediately, causing a memory leak. This issue is addressed in the referenced kernel stable commits [1][2].

Exploitation

The vulnerability is triggered during driver probe when the platform_get_irq() call fails, which can happen if the IRQ resource is missing or invalid. An attacker with local access or the ability to trigger device probe (e.g., via hotplug or module loading) could cause repeated probe failures, leading to memory exhaustion. No authentication is needed beyond local access.

Impact

An attacker could cause a denial of service by exhausting kernel memory through repeated probe attempts. The leak is limited to the memory allocated before the failing call, but repeated exploitation could degrade system performance.

Mitigation

The fix has been applied in the Linux kernel stable branches as referenced in commits [1][2]. Users should update to the latest kernel version containing the patch. No workaround is mentioned.