Description
In the Linux kernel, the following vulnerability has been resolved:

fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()

In au1200fb_drv_probe(), when platform_get_irq fails(), it directly
returns from the function with an error code, which causes a memory
leak.

Replace it with a goto label to ensure proper cleanup.
Published: 2026-05-27
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A memory leak in the Linux kernel’s au1200fb driver occurs when the probe function encounters an IRQ retrieval failure. The driver returns prematurely without freeing allocated resources, leading to an incremental leak that may deplete kernel memory over time. While the issue does not grant direct control or data exfiltration, sustained exploitation can cause a denial of service by exhausting memory available for the OS and other processes.

Affected Systems

The vulnerability affects the Linux kernel, specifically the au1200fb framebuffer driver for the Atheros Auna 1200 platform. No specific kernel version is listed as affected, and the patch references are present only in the kernel source history without a defined release date.

Risk and Exploitability

The CVSS score is not provided, so the formal risk assessment is unavailable. The EPSS score is not reported, and the vulnerability is not listed in the CISA KEV catalog, indicating no confirmed exploitation in the wild. The attack vector is inferred to be local, as the memory leak occurs only when the hardware device is probed during kernel initialization. Exploitation would require a user who can influence the presence of the device or trigger a kernel reboot to force the probe again, making this a low‑confidence risk relative to more direct exploits. Nonetheless, the lack of cleanup can lead to eventual service interruption if left unpatched.

Generated by OpenCVE AI on May 27, 2026 at 17:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a release that includes commit 071d8fb or the equivalent patch for au1200fb.
  • If an update is not immediately possible, download the diff from the referenced git commits and apply the patch manually to the kernel source before building.
  • Reboot the system after applying the update or patch to ensure the driver is reloaded with the proper cleanup logic.

Generated by OpenCVE AI on May 27, 2026 at 17:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 17:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() In au1200fb_drv_probe(), when platform_get_irq fails(), it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure proper cleanup.
Title fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:18:10.004Z

Reserved: 2026-05-13T15:03:33.088Z

Link: CVE-2026-45954

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:11.917

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45954

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T17:30:38Z

Weaknesses