CVE-2026-23015

The reference obtained by calling usbgetdev() is not released in the gpiompsseprobe() error paths. Fix that by using device managed helper functions. Also remove the usbputdev() call in the disconnect function since now it will be released automatically.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23015.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c46a74ff05c0ac76ba11ef21c930c3b447abf31a

Fixed

7ea26e6dcabc270433b6ded2a1aee85b215d1b28

Fixed

1e876e5a0875e71e34148c9feb2eedd3bf6b2b43

Affected versions

v6.*

v6.12

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.16

v6.16-rc1

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.16-rc6

v6.16-rc7

v6.17

v6.17-rc1

v6.17-rc2

v6.17-rc3

v6.17-rc4

v6.17-rc5

v6.17-rc6

v6.17-rc7

v6.18

v6.18-rc1

v6.18-rc2

v6.18-rc3

v6.18-rc4

v6.18-rc5

v6.18-rc6

v6.18-rc7

v6.18.1

v6.18.2

v6.18.3

v6.18.4

v6.18.5

v6.19-rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23015.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23015.json"