In the Linux kernel, the following vulnerability has been resolved:
dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
Fix a memory leak in gpi_peripheral_config() where the original memory
pointed to by gchan->config could be lost if krealloc() fails.
The issue occurs when:
1. gchan->config points to previously allocated memory
2. krealloc() fails and returns NULL
3. The function directly assigns NULL to gchan->config, losing the
reference to the original memory
4. The original memory becomes unreachable and cannot be freed
Fix this by using a temporary variable to hold the krealloc() result
and only updating gchan->config when the allocation succeeds.
Found via static analysis and code review.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2026-01-31 12:16
Updated : 2026-03-25 16:08
NVD link : CVE-2026-23026
Mitre link : CVE-2026-23026
CVE.ORG link : CVE-2026-23026
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-401
Missing Release of Memory after Effective Lifetime