CVE-2026-23160
- Source
- https://cve.org/CVERecord?id=CVE-2026-23160
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23160.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-23160
- Downstream
- Published
- 2026-02-14T16:01:25.900Z
- Modified
- 2026-04-02T13:12:09.363247Z
- Summary
- octeon_ep: Fix memory leak in octep_device_setup()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
octeonep: Fix memory leak in octepdevice_setup()
In octepdevicesetup(), if octepctrlnet_init() fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory.
Fix this by jumping to the unsupported_dev label, which performs the necessary cleanup. This aligns with the error handling logic of other paths in this function.
Compile tested only. Issue found using a prototype static analysis tool and code review.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23160.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/5058d3f8f17202e673f90af1446252322bd0850f
- https://git.kernel.org/stable/c/8016dc5ee19a77678c264f8ba368b1e873fa705b
- https://git.kernel.org/stable/c/d753f3c3f9d7a6e6dbb4d3a97b73007d71624551
- https://git.kernel.org/stable/c/fdfd28e13c244d7c3345e74f339fd1b67605b694
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23160.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-23160
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced577f0d1b1c5f3282fa2011177b0af692a7c21aeeFixed5058d3f8f17202e673f90af1446252322bd0850fFixedfdfd28e13c244d7c3345e74f339fd1b67605b694Fixedd753f3c3f9d7a6e6dbb4d3a97b73007d71624551Fixed8016dc5ee19a77678c264f8ba368b1e873fa705b