Skip to main content

Linux CVE-2026-23301

| EUVDEUVD-2026-15236 MEDIUM
Unchecked Return Value (CWE-252)
2026-03-25 Linux GHSA-hjww-hmp9-xppj
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
5.2 MEDIUM
qualitative
Red Hat
5.5 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
May 28, 2026 - 15:07 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 10:45 euvd
EUVD-2026-15236
Analysis Generated
Mar 25, 2026 - 10:45 vuln.today
CVE Published
Mar 25, 2026 - 10:26 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SDCA: Add allocation failure check for Entity name

Currently find_sdca_entity_iot() can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation.

AnalysisAI

The Linux kernel contains a memory allocation failure vulnerability in the ASoC SDCA (Serial Data Center Audio) subsystem where the find_sdca_entity_iot() function allocates memory for an Entity name but fails to validate whether the allocation succeeded. An attacker with local access could trigger memory allocation failure conditions to cause an information disclosure or denial of service, depending on how the unvalidated null pointer is subsequently used. No CVSS score, EPSS data, or KEV status is currently available for this vulnerability.

Technical ContextAI

This vulnerability exists in the Linux kernel's ALSA System-on-Chip Audio (ASoC) driver framework, specifically in the SDCA (Smart Device Communication Assistant) entity handling code. The root cause is a missing NULL pointer check following a kmalloc() or similar memory allocation call in the find_sdca_entity_iot() function, which is classified under CWE-252 (Unchecked Return Value) or CWE-690 (Unchecked Return Value from Library). The SDCA subsystem is responsible for managing audio device communication in embedded and mobile Linux systems. When the kernel attempts to allocate memory for an Entity name string but does not verify successful allocation, subsequent code dereferencing this pointer can trigger an information leak or system crash depending on the kernel memory layout and access patterns.

RemediationAI

Apply the upstream kernel patch by upgrading to a kernel version that includes commits bdcc10a86055beb7109a786d94abf5626f375bbd or 27990181031fdcdbe0f7c46011f6404e5d116386 (available via https://git.kernel.org/stable/). For distribution users, check with your Linux vendor (Red Hat, Canonical, SUSE, etc.) for backported kernel security updates. If immediate patching is not feasible, disable SDCA-based audio drivers via kernel configuration or module blacklisting if the affected subsystem is not required for your deployment. Monitor kernel logs for audio driver crashes or memory access violations that may indicate exploitation attempts.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye not-affected - -
bullseye (security) fixed 5.10.251-1 -
bookworm not-affected - -
bookworm (security) fixed 6.1.164-1 -
trixie not-affected - -
trixie (security) fixed 6.12.74-2 -
forky, sid fixed 6.19.8-1 -
(unstable) fixed 6.19.8-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

CVE-2026-23301 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy