CVE-2026-45921

Published: May 27, 2026

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() The function mtd_parser_tplink_safeloader_parse() allocates buf via mtd_parser_tplink_safeloader_read_table(). If the allocation for parts[idx].name fails inside the loop, the code jumps to the err_free label without freeing buf, leading to a memory leak. Fix this by freeing the temporary buffer buf in the err_free label. Compile tested only. Issue found using a prototype static analysis tool and code review.

Vendor	Product	Versions
Linux	Linux	affected `00a3588084bee6f37bb2b1d343f96900cfe049bc - < 0f5e62ea5c43146eacdc6861cb1022ffae1b79bc` affected `00a3588084bee6f37bb2b1d343f96900cfe049bc - < e97f5fac8ce9a6b9ec724c97d86b0985e915fdca` affected `00a3588084bee6f37bb2b1d343f96900cfe049bc - < ec121ad626c319085f6d40a52cd04e99b4554926` affected `00a3588084bee6f37bb2b1d343f96900cfe049bc - < 971e9c53aed82f17a9c6a65daa4e21cc15eba5b1` affected `00a3588084bee6f37bb2b1d343f96900cfe049bc - < 980ce2b02dd06a4fdf5fee38b2e14becf9cf7b8b`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.128 - <= 6.6.` unaffected `6.12.75 - <= 6.12.` unaffected `6.18.14 - <= 6.18.*` +2 more versions

References

https://git.kernel.org/stable/c/0f5e62ea5c43146eacdc6861cb1022ffae1b79bc

https://git.kernel.org/stable/c/e97f5fac8ce9a6b9ec724c97d86b0985e915fdca

https://git.kernel.org/stable/c/ec121ad626c319085f6d40a52cd04e99b4554926

https://git.kernel.org/stable/c/971e9c53aed82f17a9c6a65daa4e21cc15eba5b1

https://git.kernel.org/stable/c/980ce2b02dd06a4fdf5fee38b2e14becf9cf7b8b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-45921

Description

Affected Products

References