Description
In the Linux kernel, the following vulnerability has been resolved:

of: unittest: Fix memory leak in unittest_data_add()

In unittest_data_add(), if of_resolve_phandles() fails, the allocated
unittest_data is not freed, leading to a memory leak.

Fix this by using scope-based cleanup helper __free(kfree) for automatic
resource cleanup. This ensures unittest_data is automatically freed when
it goes out of scope in error paths.

For the success path, use retain_and_null_ptr() to transfer ownership
of the memory to the device tree and prevent double freeing.
Published: 2026-02-14
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via Resource Exhaustion
Action: Immediate Patch
AI Analysis

Impact

The leak sits in the Linux kernel's device tree unit test, drivers/of/unittest.c: unittest_data_add() kmalloc()s a buffer to hold a copy of the built-in test device tree blob, and when of_resolve_phandles() fails the function returns early without freeing that buffer. Each failed call loses one allocation. The defect gives no code execution, privilege escalation or information disclosure; the only effect is memory consumption, which is what the CVSS vector (C:N/I:N/A:H) records. Because unittest_data_add() is __init code that the unit test calls once during boot on kernels built with CONFIG_OF_UNITTEST, the practical loss is a single buffer per boot rather than a drain that accumulates while the system runs.
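To make the two ownership rules from the commit message concrete, here is an added userspace model of the function before and after the fix; it is not code from the kernel tree. The __free() and retain_and_null_ptr() macros re-implement the semantics of linux/cleanup.h on top of the compiler's cleanup attribute, kmalloc()/kfree() are counting wrappers around malloc()/free() so the leak is measurable, and of_resolve_phandles_stub(), unittest_tree and the 64-byte "blob" are constructed stand-ins that fail or take ownership on demand. All of those names are assumptions of the example.

```c
/* Added example: userspace model of the unittest_data_add() leak and fix.
 * __free()/retain_and_null_ptr() below mimic linux/cleanup.h; kmalloc/kfree
 * are counting wrappers; the device-tree calls are stubs (assumptions). */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int live_allocs;                      /* blocks currently allocated */

static void *kmalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void kfree(const void *p) { if (p) { live_allocs--; free((void *)p); } }

/* Equivalent of DEFINE_FREE(kfree, void *, if (_T) kfree(_T)): the cleanup
 * handler receives a pointer to the variable that is going out of scope. */
static void __free_kfree(void **pp) { kfree(*pp); }
#define __free(name) __attribute__((cleanup(__free_##name)))

/* Equivalent of retain_and_null_ptr(): the object stays alive because someone
 * else owns it now; NULLing the local makes the cleanup handler free nothing. */
#define retain_and_null_ptr(p) ((void)((p) = NULL))

/* Constructed stand-ins for the device-tree side. */
static struct { void *backing; } unittest_tree;   /* owns the blob on success */
static int of_resolve_phandles_stub(int fail) { return fail ? -EINVAL : 0; }

/* Before the fix: the early return on resolver failure drops unittest_data. */
static int unittest_data_add_before(int resolve_fails)
{
	void *unittest_data = kmalloc(64);
	if (!unittest_data)
		return -ENOMEM;
	memcpy(unittest_data, "dtb!", 4);           /* stand-in for the blob copy */

	if (of_resolve_phandles_stub(resolve_fails))
		return -EINVAL;                     /* LEAK: buffer never freed */

	unittest_tree.backing = unittest_data;      /* tree owns the block now */
	return 0;
}

/* After the fix: __free(kfree) frees on every exit path, except that the
 * pointer is NULLed once ownership has moved to the tree, so no double free. */
static int unittest_data_add_after(int resolve_fails)
{
	void *unittest_data __free(kfree) = kmalloc(64);
	if (!unittest_data)
		return -ENOMEM;
	memcpy(unittest_data, "dtb!", 4);

	if (of_resolve_phandles_stub(resolve_fails))
		return -EINVAL;                     /* cleanup handler frees it here */

	unittest_tree.backing = unittest_data;
	retain_and_null_ptr(unittest_data);         /* cleanup now sees NULL */
	return 0;
}

/* Blocks still allocated after one failed call: 1 for the old code, 0 fixed. */
static int leaked_after_failure(int (*fn)(int))
{
	int before = live_allocs;
	if (fn(1) != -EINVAL)
		return -1;                          /* stub was told to fail */
	return live_allocs - before;
}

/* Success path: the blob must survive (owned by the tree) and be freed once. */
static int success_path_keeps_data(int (*fn)(int))
{
	int before = live_allocs, ok;
	unittest_tree.backing = NULL;
	if (fn(0) != 0)
		return 0;
	ok = unittest_tree.backing && memcmp(unittest_tree.backing, "dtb!", 4) == 0;
	kfree(unittest_tree.backing);               /* release what the tree owned */
	unittest_tree.backing = NULL;
	return ok && live_allocs == before;         /* one alloc, exactly one free */
}

int main(void)
{
	printf("leaked on failure, old code:   %d\n", leaked_after_failure(unittest_data_add_before));
	printf("leaked on failure, fixed code: %d\n", leaked_after_failure(unittest_data_add_after));
	printf("success path ok, fixed code:   %d\n", success_path_keeps_data(unittest_data_add_after));
	return 0;
}
```

Compiled with gcc or clang, the old version reports one live block after a failed resolve and the fixed version none, while the success path of both versions still hands exactly one allocation to the tree and frees it exactly once; that last check is what retain_and_null_ptr() protects, since without it the cleanup handler would free a buffer the tree still references.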

Affected Systems

Linux kernel builds that contain the faulty unittest_data_add() implementation, specifically the 6.19 release candidates rc1 through rc4 as indicated by the CPE entries. The code path exists only in kernels configured with CONFIG_OF_UNITTEST, a test option that distribution and production kernels normally leave disabled. Other kernels that have not yet received the patch may also be affected, depending on whether they carry the same early return in unittest_data_add().

Risk and Exploitability

The CVSS 3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) denotes moderate severity, and an EPSS score below 1% indicates a very low probability of exploitation; the vulnerability is not listed in the CISA KEV catalog. The vector models a local, low-privileged attacker, but the leaking function is __init code that the device tree unit test runs once during kernel initialization, and the unit test is not exposed through any user-facing interface, so there is no way for a user, privileged or not, to invoke the code path repeatedly and exhaust memory. The realistic impact is a single lost allocation on debug or test kernels built with CONFIG_OF_UNITTEST. Remote exploitation is not possible without an unrelated vulnerability.

Generated by OpenCVE AI on April 17, 2026 at 19:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that contains the unittest_data_add() memory-leak fix (the upstream commit described above)
  • Check whether the running kernel was built with CONFIG_OF_UNITTEST (in /boot/config-$(uname -r) or /proc/config.gz); kernels without it do not contain the affected code, and production kernels should not enable it, since the unit test runs automatically at boot and cannot be skipped or disabled at runtime
  • Reboot into the patched kernel; to confirm the leak is gone on a test kernel, boot with CONFIG_DEBUG_KMEMLEAK, trigger a scan (echo scan > /sys/kernel/debug/kmemleak) and check that reading that file no longer reports an unreferenced object allocated from unittest_data_add()

Generated by OpenCVE AI on April 17, 2026 at 19:38 UTC.

Advisories

No advisories yet.

History

Tue, 17 Mar 2026 21:30:00 +0000

Type         Values Removed   Values Added
Weaknesses                    CWE-401
CPEs                          cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
                              cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
                              cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
                              cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
Metrics                       cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Mon, 16 Feb 2026 12:15:00 +0000


Sat, 14 Feb 2026 15:30:00 +0000

Type                  Values Removed   Values Added
Description                            In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if of_resolve_phandles() fails, the allocated unittest_data is not freed, leading to a memory leak. Fix this by using scope-based cleanup helper __free(kfree) for automatic resource cleanup. This ensures unittest_data is automatically freed when it goes out of scope in error paths. For the success path, use retain_and_null_ptr() to transfer ownership of the memory to the device tree and prevent double freeing.
Title                                  of: unittest: Fix memory leak in unittest_data_add()
First Time appeared                    Linux
                                       Linux linux Kernel
CPEs                                   cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products                     Linux
                                       Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-14T15:22:22.690Z

Reserved: 2026-01-13T15:37:45.971Z

Link: CVE-2026-23137

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-02-14T16:15:53.703

Modified: 2026-03-17T21:15:45.090

Link: CVE-2026-23137

Redhat

Severity:

Public Date: 2026-02-14T00:00:00Z

Links: CVE-2026-23137 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-17T19:45:25Z

Weaknesses