CVE-2026-23337

Published: Mar 25, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_cfg() fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fix this by jumping to the out label on failure, ensuring kfree(cfg) is called before returning.

Vendor	Product	Versions
Linux	Linux	affected `90a18c512884adb49ddc2fb30e94594169aae808 - < 63ee429780a5d43b5b4406c6128109b0f47cf2f1` affected `90a18c512884adb49ddc2fb30e94594169aae808 - < 7a648d598cb8e8c62af3f0e020a25820a3f3a9a7`
Linux	Linux	affected `6.19` unaffected `0 - < 6.19` unaffected `6.19.7 - <= 6.19.` unaffected `7.0 - <= `

References

https://git.kernel.org/stable/c/63ee429780a5d43b5b4406c6128109b0f47cf2f1

https://git.kernel.org/stable/c/7a648d598cb8e8c62af3f0e020a25820a3f3a9a7

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23337

Description

Affected Products

References