VYPR
Unrated severityNVD Advisory· Published May 27, 2026· Updated May 27, 2026

CVE-2026-45868

CVE-2026-45868

Description

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: single: fix refcount leak in pcs_add_gpio_func()

of_parse_phandle_with_args() returns a device_node pointer with refcount incremented in gpiospec.np. The loop iterates through all phandles but never releases the reference, causing a refcount leak on each iteration.

Add of_node_put() calls to release the reference after extracting the needed arguments and on the error path when devm_kzalloc() fails.

This bug was detected by our static analysis tool and verified by my code review.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.