Description
In the Linux kernel, the following vulnerability has been resolved:

mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()

The function mtd_parser_tplink_safeloader_parse() allocates buf via
mtd_parser_tplink_safeloader_read_table(). If the allocation for
parts[idx].name fails inside the loop, the code jumps to the err_free
label without freeing buf, leading to a memory leak.

Fix this by freeing the temporary buffer buf in the err_free label.

Compile tested only. Issue found using a prototype static analysis tool
and code review.
Published: 2026-05-27
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the Linux kernel’s mtd_parser_tplink_safeloader_parse() function leaks the temporary buffer used to parse a table. If the allocation for a table entry’s name fails, the code jumps to the error-handling label without freeing that buffer, so the kernel memory is never released. Repeated exploitation via the tplink_safeloader parser can cause uncontrolled memory consumption, potentially leading to a kernel panic or degraded system performance.
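The error path described above, as a user-space model added here for illustration; it is not the kernel's code or the upstream patch. The counting allocator, parse_model(), leaked_blocks(), NPARTS and the buffer sizes are hypothetical stand-ins, and only the names buf and err_free come from the description.

```c
#include <stdlib.h>
#define NPARTS 4

/* Counting allocator with fault injection (scaffolding for this example). */
static int live, calls, fail_at = -1;
static void *xalloc(size_t n)
{
    void *p = (calls++ == fail_at) ? NULL : calloc(1, n);
    live += (p != NULL);
    return p;
}
static void xfree(void *p) { live -= (p != NULL); free(p); }

/* Simplified model: buf is the temporary table, names[] the per-entry names.
 * fixed == 0 reproduces the leak; fixed == 1 frees buf under err_free. */
static int parse_model(int fixed)
{
    char *names[NPARTS] = { 0 };
    char *buf = xalloc(64);           /* stands in for the table read */
    int idx, ret = -1;

    if (!buf)
        return ret;
    for (idx = 0; idx < NPARTS; idx++) {
        names[idx] = xalloc(16);      /* stands in for the name copy */
        if (!names[idx])
            goto err_free;
    }
    xfree(buf);                       /* success path releases buf */
    ret = idx;
    goto release;                     /* model only: a real caller keeps names */
err_free:
    if (fixed)
        xfree(buf);                   /* the fix: release buf here as well */
release:
    while (--idx >= 0)
        xfree(names[idx]);
    return ret;
}

/* Fail allocation number fail_index (0-based); return blocks still live. */
static int leaked_blocks(int fail_index, int fixed)
{
    live = calls = 0;
    fail_at = fail_index;
    parse_model(fixed);
    return live;
}
int main(void) { return leaked_blocks(2, 0) == 1 ? 0 : 1; }
```

Allocation 0 is buf and allocations 1 onward are the entry names, so any failure index of 1 or more exercises the err_free path.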

Affected Systems

The vulnerability applies to the Linux kernel globally; specific vendor and product information is limited to Linux kernel releases that include the tplink_safeloader parser. No affected version range is listed, but the issue was fixed by commits referenced in the provided kernel patch set.

Risk and Exploitability

No EPSS score or CVSS rating is provided, and the vulnerability is not listed in the CISA KEV catalog, indicating a low public exploitation probability. Attackers would need the ability to invoke the tplink_safeloader parser repeatedly on the target system, which typically requires local or privileged access. The primary risk is denial of service due to kernel memory exhaustion rather than remote code execution.

Generated by OpenCVE AI on May 27, 2026 at 16:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the kernel update that includes the mtd_parser_tplink_safeloader_parse() memory leak fix, as identified by the referenced kernel commits.
  • If a kernel update cannot be applied immediately, manually patch the source tree with the commit changes and rebuild the kernel to eliminate the leak.
  • Disable the tplink_safeloader parser in the kernel configuration (set CONFIG_MTD_PARSER_TPLINK_SAFELOADER to n) if that functionality is not required, and rebuild the kernel.
  • Monitor system memory usage after applying the fix to verify the leak has been fully addressed.

Advisories

No advisories yet.

History

Wed, 27 May 2026 16:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-754
CWE-757

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() The function mtd_parser_tplink_safeloader_parse() allocates buf via mtd_parser_tplink_safeloader_read_table(). If the allocation for parts[idx].name fails inside the loop, the code jumps to the err_free label without freeing buf, leading to a memory leak. Fix this by freeing the temporary buffer buf in the err_free label. Compile tested only. Issue found using a prototype static analysis tool and code review.
Title mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:17:40.032Z

Reserved: 2026-05-13T15:03:33.085Z

Link: CVE-2026-45921

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:07.070

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45921

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T16:30:36Z

Weaknesses