VYPR
Medium severity5.5NVD Advisory· Published May 6, 2026· Updated May 8, 2026

CVE-2026-43264

CVE-2026-43264

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: of: display_timing: fix refcount leak in of_get_display_timings()

of_parse_phandle() returns a device_node with refcount incremented, which is stored in 'entry' and then copied to 'native_mode'. When the error paths at lines 184 or 192 jump to 'entryfail', native_mode's refcount is not decremented, causing a refcount leak.

Fix this by changing the goto target from 'entryfail' to 'timingfail', which properly calls of_node_put(native_mode) before cleanup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    Range: >=3.9,<5.10.252

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.