CVE-2026-23164
Published: Feb 14, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rocker_world_port_post_fini() In rocker_world_port_pre_init(), rocker_port->wpriv is allocated with kzalloc(wops->port_priv_size, GFP_KERNEL). However, in rocker_world_port_post_fini(), the memory is only freed when wops->port_post_fini callback is set: if (!wops->port_post_fini) return; wops->port_post_fini(rocker_port); kfree(rocker_port->wpriv); Since rocker_ofdpa_ops does not implement port_post_fini callback (it is NULL), the wpriv memory allocated for each port is never freed when ports are removed. This leads to a memory leak of sizeof(struct ofdpa_port) bytes per port on every device removal. Fix this by always calling kfree(rocker_port->wpriv) regardless of whether the port_post_fini callback exists.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e420114eef4a3a5025a243b89b0dc343101e3d3c - < 2a3a64d75d2d0727da285749476761ebcad557a3affected e420114eef4a3a5025a243b89b0dc343101e3d3c - < b11e6f926480ab0939fec44781f28558c54be4e7affected e420114eef4a3a5025a243b89b0dc343101e3d3c - < 8ce2e85889939c02740b4245301aa5c35fc94887affected e420114eef4a3a5025a243b89b0dc343101e3d3c - < d448bf96889f1905e740c554780f5c9fa0440566affected e420114eef4a3a5025a243b89b0dc343101e3d3c - < d8723917efda3b4f4c3de78d1ec1e1af015c0be1+2 more versions |
Linux | Linux | affected 4.6unaffected 0 - < 4.6unaffected 5.10.249 - <= 5.10.*unaffected 5.15.199 - <= 5.15.*unaffected 6.1.162 - <= 6.1.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now