CVE-2026-23021

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-23021

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23021.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-23021

Downstream

BELL-CVE-2026-23021

DEBIAN-CVE-2026-23021

DLA-4475-1

DLA-4476-1

DSA-6126-1

DSA-6127-1

ECHO-a4d7-ce0f-6800

OESA-2026-1566

OESA-2026-1567

OESA-2026-1570

ROOT-OS-DEBIAN-11-CVE-2026-23021

ROOT-OS-DEBIAN-12-CVE-2026-23021

ROOT-OS-DEBIAN-13-CVE-2026-23021

ROOT-OS-UBUNTU-2204-CVE-2026-23021

ROOT-OS-UBUNTU-2404-CVE-2026-23021

SUSE-SU-2026:0962-1

SUSE-SU-2026:20667-1

SUSE-SU-2026:20720-1

UBUNTU-CVE-2026-23021

USN-8096-1

USN-8096-2

USN-8096-3

USN-8096-4

USN-8096-5

USN-8116-1

Related

Published

2026-01-31T11:39:05.152Z

Modified

2026-03-24T08:59:20.268052Z

Summary

net: usb: pegasus: fix memory leak in update_eth_regs_async()

Details

In the Linux kernel, the following vulnerability has been resolved:

net: usb: pegasus: fix memory leak in updateethregs_async()

When asynchronously writing to the device registers and if usbsubmiturb() fail, the code fail to release allocated to this point resources.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23021.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

323b34963d113efb566635f43858f40cce01d5f9

Fixed

5397ea6d21c35a17707e201a60761bdee00bcc4e

Fixed

a40af9a2904a1ab8ce61866ebe2a894ef30754ba

Fixed

ac5d92d2826dec51e5d4c6854865bc5817277452

Fixed

93f18eaa190374e0f2d253e3b1a65cee19a7abe6

Fixed

471dfb97599eec74e0476046b3ef8e7037f27b34

Fixed

ce6eef731aba23a988decea1df3b08cf978f7b01

Fixed

afa27621a28af317523e0836dad430bec551eb54

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23021.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.10.0

Fixed

5.10.248

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.198

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.161

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.121

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.66

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23021.json"