Description
In the Linux kernel, the following vulnerability has been resolved:

gpib: Fix memory leak in ni_usb_init()

In ni_usb_init(), if ni_usb_setup_init() fails, the function returns
-EFAULT without freeing the allocated writes buffer, leading to a
memory leak.

Additionally, ni_usb_setup_init() returns 0 on failure, which causes
ni_usb_init() to return -EFAULT, an inappropriate error code for this
situation.

Fix the leak by freeing writes in the error path. Modify
ni_usb_setup_init() to return -EINVAL on failure and propagate this
error code in ni_usb_init().
Published: 2026-05-27
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In the Linux kernel GPIB USB driver, ni_usb_init() allocates a writes buffer that is not freed when the helper ni_usb_setup_init() fails. This kernel-space memory leak (CWE-772) can gradually deplete available memory, potentially degrading performance or causing a kernel crash. The function also returns an incorrect error code (-EFAULT) when the helper fails, which may mislead callers about the reason for the failure.
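
The leak and its fix, reduced to a user-space C model (an added example, not the kernel driver's code). The fixed-size pool and the names `buf_alloc`, `buf_free`, `setup_init`, `init_leaky` and `init_fixed` are hypothetical, and the success path freeing the buffer is an assumption of the model.

```c
#include <errno.h>
#include <stdio.h>
/* User-space model of the bug pattern; hypothetical names, not driver code. */
#define POOL_SLOTS 64                       /* stands in for finite kernel memory */
struct reg_write { int addr, value; };      /* constructed stand-in for one "writes" entry */
static struct reg_write pool[POOL_SLOTS][8];
static int in_use[POOL_SLOTS], live_allocs;

static struct reg_write *buf_alloc(void) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!in_use[i]) { in_use[i] = 1; live_allocs++; return pool[i]; }
    return NULL;                            /* pool exhausted */
}
static void buf_free(struct reg_write *p) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (p == pool[i] && in_use[i]) { in_use[i] = 0; live_allocs--; }
}
/* Fills the buffer; `fail` forces the failure branch, which returns fail_ret
 * (0 models the old convention, -EINVAL the fixed one). */
static int setup_init(struct reg_write *w, int fail, int fail_ret) {
    if (fail) return fail_ret;
    w[0].addr = 0x10; w[0].value = 0x01;    /* constructed values */
    return 1;                               /* number of entries filled */
}

static int init_leaky(int fail) {
    struct reg_write *writes = buf_alloc();
    if (!writes) return -ENOMEM;
    if (setup_init(writes, fail, 0) == 0)
        return -EFAULT;                     /* BUG: writes is still allocated */
    buf_free(writes);                       /* assumed: success path releases it */
    return 0;
}

static int init_fixed(int fail) {
    struct reg_write *writes = buf_alloc();
    if (!writes) return -ENOMEM;
    int ret = setup_init(writes, fail, -EINVAL);
    if (ret < 0) {
        buf_free(writes);                   /* release on the error path */
        return ret;                         /* propagate the helper's error code */
    }
    buf_free(writes);
    return 0;
}
int main(void) {
    for (int i = 0; i < 3; i++) init_leaky(1);
    for (int i = 0; i < 3; i++) init_fixed(1);
    printf("outstanding buffers: %d (all from the leaky path)\n", live_allocs);
    return 0;
}
```

Each failed call through the leaky path strands one buffer, so after `POOL_SLOTS` failures even a call that would otherwise succeed returns `-ENOMEM`; the fixed path can fail any number of times without changing `live_allocs`.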

Affected Systems

All Linux kernel releases that include the unpatched GPIB USB driver. Any system running such a kernel version while the GPIB USB module is loaded is vulnerable.

Risk and Exploitability

The flaw does not provide remote code execution or privilege escalation. Exploitation requires local access to trigger the initialization path, such as by repeatedly opening the GPIB device from user space. Based on the description, it is inferred that an attacker with local privilege can repeatedly exercise the vulnerable path to exhaust kernel memory. The EPSS score of <1% indicates a very low probability of widespread exploitation. This issue is not listed in the CISA KEV catalog, and the overall risk is limited to memory exhaustion rather than direct data compromise.

Generated by OpenCVE AI on May 28, 2026 at 17:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the patch freeing the writes buffer on initialization failure.
  • Reload the GPIB USB kernel module or reboot the system to clear any leaks created before the patch was applied.
  • If the GPIB USB driver is not required, disable or remove the module so that the vulnerable code never executes.

Advisories

No advisories yet.

History

Thu, 28 May 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 28 May 2026 12:15:00 +0000


Wed, 27 May 2026 16:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in ni_usb_init() In ni_usb_init(), if ni_usb_setup_init() fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, ni_usb_setup_init() returns 0 on failure, which causes ni_usb_init() to return -EFAULT, an inappropriate error code for this situation. Fix the leak by freeing writes in the error path. Modify ni_usb_setup_init() to return -EINVAL on failure and propagate this error code in ni_usb_init().
Title gpib: Fix memory leak in ni_usb_init()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:17:55.481Z

Reserved: 2026-05-13T15:03:33.087Z

Link: CVE-2026-45939

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:10.083

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45939

Redhat

Severity :

Public Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45939 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-28T17:30:15Z

Weaknesses
  • CWE-772

    Missing Release of Resource after Effective Lifetime