Skip to main content

Linux CVE-2026-23026

MEDIUM
Memory Leak (CWE-401)
2026-01-31 416baaa9-dc9f-4396-8d5f-8c081fb06d67
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
4.1 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Patch released
Apr 09, 2026 - 20:30 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 22:00 vuln.today
CVE Published
Jan 31, 2026 - 12:16 nvd
MEDIUM 5.5

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()

Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails.

The issue occurs when:

  1. gchan->config points to previously allocated memory
  2. krealloc() fails and returns NULL
  3. The function directly assigns NULL to gchan->config, losing the

reference to the original memory

  1. The original memory becomes unreachable and cannot be freed

Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds.

Found via static analysis and code review.

AnalysisAI

The Linux kernel's dmaengine QCOM GPI driver fails to properly handle krealloc() failures in gpi_peripheral_config(), causing memory leaks when reallocation of the channel configuration buffer fails. Local users with sufficient privileges can trigger this memory exhaustion condition, potentially leading to denial of service through resource depletion. A patch is not yet available for this vulnerability.

Technical ContextAI

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()

Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails.

The issue occurs when:

  1. gchan->config points to previously allocated memory
  2. krealloc() fails and returns NULL
  3. The function directly assigns NULL to gchan->config, losing the

reference to the original memory

  1. The origi

RemediationAI

Monitor vendor advisories for a patch.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
Container suse/sl-micro/6.0/base-os-container:2.1.3-7.105 Affected
Container suse/sl-micro/6.0/kvm-os-container:2.1.3-6.124 Affected
Container suse/sl-micro/6.0/rt-os-container:2.1.3-7.146 Affected
Container suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.67 Affected
Container suse/sl-micro/6.1/base-os-container:2.2.1-5.90 Affected

Share

CVE-2026-23026 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy