EUVD-2026-12894
Lifecycle Timeline
4Description
In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new 'entry' remains allocated and is never freed, leaking memory. Free 'entry' on the failure path; on success continue freeing the replaced neighbor blocks ('lower', 'upper').
Analysis
A memory leak vulnerability exists in the Linux kernel's regmap maple tree caching implementation where allocated memory is not freed when the mas_store_gfp() function fails during a write operation. This affects all Linux kernel versions containing the vulnerable regcache_maple_write() function, potentially allowing local attackers to exhaust kernel memory through repeated cache write failures. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Priority Score
Vendor Status
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | vulnerable | 5.10.223-1 | - |
| bullseye (security) | vulnerable | 5.10.251-1 | - |
| bookworm | vulnerable | 6.1.159-1 | - |
| bookworm (security) | vulnerable | 6.1.164-1 | - |
| trixie | fixed | 6.12.73-1 | - |
| trixie (security) | fixed | 6.12.74-2 | - |
| forky | fixed | 6.19.6-2 | - |
| sid | fixed | 6.19.8-1 | - |
| (unstable) | fixed | 6.18.10-1 | - |
Share
External POC / Exploit Code
Leaving vuln.today