Description
In the Linux kernel, the following vulnerability has been resolved:

thermal/of: Fix reference leak in thermal_of_cm_lookup()

In thermal_of_cm_lookup(), tr_np is obtained via of_parse_phandle(), but
never released.

Use the __free(device_node) cleanup attribute to automatically release
the node and fix the leak.

[ rjw: Changelog edits ]
Published: 2026-05-27
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In kernel source thermal_of_cm_lookup(), a device node returned by of_parse_phandle() is never released, creating a reference leak that can progressively increase kernel memory usage until the system exhausts critical resources. The flaw represents a reference leak weakness (CWE-772).

Affected Systems

Any Linux kernel version built before the remediation commit 025796c is affected. Distributions that have not incorporated this patch into their kernel packages remain vulnerable. Updating to a kernel release that includes the __free(device_node) cleanup attribute resolves the issue.

Risk and Exploitability

The CVSS score is 5.5, indicating moderate severity. The description does not disclose an active exploitation vector or known exploitation instances. The EPSS score of < 1% indicates a very low exploitation probability, and the vulnerability is not listed in the CISA KEV catalog, indicating no publicly reported exploits. The primary risk is a potential denial of service through uncontrolled kernel memory growth if the kernel repeatedly executes thermal_of_cm_lookup(), though no specific attacker model is provided in the advisory.

Generated by OpenCVE AI on May 28, 2026 at 16:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a version that contains the patch for thermal_of_cm_lookup()—for example, install the latest stable kernel from your distribution or apply the upstream commit 025796c to a custom build.
  • Reboot the system so the updated kernel is loaded and the reference leak no longer occurs.
  • If an immediate kernel upgrade is not possible, temporarily disable the thermal subsystem or related services that trigger thermal_of_cm_lookup() to limit exposure, and monitor system memory usage for abnormal growth.

Generated by OpenCVE AI on May 28, 2026 at 16:46 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 28 May 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 28 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Wed, 27 May 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermal_of_cm_lookup() In thermal_of_cm_lookup(), tr_np is obtained via of_parse_phandle(), but never released. Use the __free(device_node) cleanup attribute to automatically release the node and fix the leak. [ rjw: Changelog edits ]
Title thermal/of: Fix reference leak in thermal_of_cm_lookup()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:17:43.889Z

Reserved: 2026-05-13T15:03:33.086Z

Link: CVE-2026-45925

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:08.343

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45925

cve-icon Redhat

Severity : Low

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45925 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T17:00:13Z

Weaknesses