Description
In the Linux kernel, the following vulnerability has been resolved:

i3c: master: renesas: Fix memory leak in renesas_i3c_i3c_xfers()

The xfer structure allocated by renesas_i3c_alloc_xfer() was never freed
in the renesas_i3c_i3c_xfers() function. Use the __free(kfree) cleanup
attribute to automatically free the memory when the variable goes out of
scope.
Published: 2026-06-24
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability involves a memory leak in the Linux kernel's Renesas I3C master driver. The xfer structure allocated by renesas_i3c_alloc_xfer() is never freed in the renesas_i3c_i3c_xfers routine, allowing memory to accumulate with each transfer. Over time this leak can exhaust the system's memory, potentially leading to system instability or a denial‑of‑service condition for legitimate workloads.

Affected Systems

The affected products are all Linux kernel releases that contain the unpatched renesas I3C master driver code. There are no specific version ranges given, but the fix is available in the kernel commits referenced in the advisory. System administrators should verify that their kernel image incorporates the latest upstream patch set or the identified commit identifiers.

Risk and Exploitability

Based on the description, it is inferred that a local attacker or one with privileged access can trigger the leak by repeatedly initiating transfers on the Renesas I3C master interface. No EPSS score is available and the flaw is not listed in CISA's KEV catalog, indicating that, while exploitable, it has not yet been observed in the wild. The lack of a CVSS score suggests the severity is uncertain, but memory exhaustion in the kernel space is a high‑impact flaw that should be addressed promptly.

Generated by OpenCVE AI on June 24, 2026 at 19:34 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a Linux kernel update that includes the commit fixing the memory leak.
  • Monitor system memory pressure and I3C transfer activity to detect abnormal leakage.
  • If an update cannot be applied immediately, consider disabling the Renesas I3C master driver or limiting its use, and reboot the system to recover freed memory until the patch is installed.

Generated by OpenCVE AI on June 24, 2026 at 19:34 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 20:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesas_i3c_i3c_xfers() The xfer structure allocated by renesas_i3c_alloc_xfer() was never freed in the renesas_i3c_i3c_xfers() function. Use the __free(kfree) cleanup attribute to automatically free the memory when the variable goes out of scope.
Title i3c: master: renesas: Fix memory leak in renesas_i3c_i3c_xfers()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:29:38.158Z

Reserved: 2026-06-09T07:44:35.380Z

Link: CVE-2026-53030

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T19:45:05Z

Weaknesses
  • CWE-401

    Missing Release of Memory after Effective Lifetime