Medium severity5.5NVD Advisory· Published Apr 3, 2026· Updated May 20, 2026
CVE-2026-23464
CVE-2026-23464
Description
In the Linux kernel, the following vulnerability has been resolved:
soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()
In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails, the function returns immediately without freeing the allocated memory for sys_controller, leading to a memory leak.
Fix this by jumping to the out_free label to ensure the memory is properly freed.
Also, consolidate the error handling for the mbox_request_channel() failure case to use the same label.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.8,<6.12.78
- cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.