CVE-2026-23162

Source
https://cve.org/CVERecord?id=CVE-2026-23162
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23162.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-23162
Downstream
Published
2026-02-14T16:01:27.243Z
Modified
2026-03-13T04:09:14.858585Z
Summary
drm/xe/nvm: Fix double-free on aux add failure
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/nvm: Fix double-free on aux add failure

After a successful auxiliary_device_init(), auxdev->dev.release (xe_nvm_release_dev()) is responsible for the kfree(nvm). When there is a failure with auxiliary_device_add(), the driver will call auxiliary_device_uninit(), which calls put_device(), so that the .release callback will be triggered to free the memory associated with the auxiliary_device.

Move the kfree(nvm) into the auxiliary_device_init() failure path and remove the err goto path to fix the error below.

"
[   13.232905] ==================================================================
[   13.232911] BUG: KASAN: double-free in xe_nvm_init+0x751/0xf10 [xe]
[   13.233112] Free of addr ffff888120635000 by task systemd-udevd/273

[   13.233120] CPU: 8 UID: 0 PID: 273 Comm: systemd-udevd Not tainted 6.19.0-rc2-lgci-xe-kernel+ #225 PREEMPT(voluntary)
...
[   13.233125] Call Trace:
[   13.233126]  <TASK>
[   13.233127]  dump_stack_lvl+0x7f/0xc0
[   13.233132]  print_report+0xce/0x610
[   13.233136]  ? kasan_complete_mode_report_info+0x5d/0x1e0
[   13.233139]  ? xe_nvm_init+0x751/0xf10 [xe]
...
"

v2: drop err goto path. (Alexander)

(cherry picked from commit a3187c0c2bbd947ffff97f90d077ac88f9c2a215)
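The ownership rule the commit message describes (after auxiliary_device_init() succeeds, the .release callback owns the allocation, and auxiliary_device_uninit() reaches it through put_device()) is easy to get wrong with a shared err label. The program below is an added illustration written for this page, not xe driver or kernel code: it models auxiliary_device_init/add/uninit, put_device and a .release callback in user space with a counter in place of kfree(), and runs the pre-fix control flow next to the fixed one. The struct names, the fail_at injection parameter and the run_scenario() helper are assumptions made for the model; only the API names and their lifecycle semantics come from the kernel.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical user-space model of the kernel auxiliary-device lifecycle.
 * Refcount and release-callback semantics follow the kernel API; the
 * structs and failure injection are constructed for this example. */
struct device {
    int refcount;
    void (*release)(struct device *dev);
};

struct auxiliary_device {
    struct device dev;          /* first member, so casts stand in for container_of */
};

struct xe_nvm {                 /* stands in for the driver's private object */
    struct auxiliary_device aux_dev;  /* first member, same reason */
    int freed;                  /* counts "kfree(nvm)" calls instead of freeing twice (UB) */
};

static void nvm_kfree(struct xe_nvm *nvm) { nvm->freed++; }

/* The .release callback: the only legitimate owner of nvm once init succeeded. */
static void xe_nvm_release_dev(struct device *dev)
{
    struct auxiliary_device *auxdev = (struct auxiliary_device *)dev;
    nvm_kfree((struct xe_nvm *)auxdev);
}

/* Kernel semantics: init refuses a device without .release and otherwise
 * takes the initial reference (device_initialize). */
static int auxiliary_device_init(struct auxiliary_device *auxdev, int inject_fail)
{
    if (inject_fail || !auxdev->dev.release)
        return -EINVAL;
    auxdev->dev.refcount = 1;
    return 0;
}

static int auxiliary_device_add(struct auxiliary_device *auxdev, int inject_fail)
{
    (void)auxdev;
    return inject_fail ? -ENOMEM : 0;
}

/* Dropping the last reference runs .release, which is where nvm is freed. */
static void put_device(struct device *dev)
{
    if (--dev->refcount == 0 && dev->release)
        dev->release(dev);
}

static void auxiliary_device_uninit(struct auxiliary_device *auxdev)
{
    put_device(&auxdev->dev);
}

enum fail_at { FAIL_NONE, FAIL_INIT, FAIL_ADD };

/* Pre-fix shape: one err label frees nvm for both failures, but on the add
 * failure uninit() -> put_device() -> .release already freed it. */
static int xe_nvm_init_buggy(struct xe_nvm *nvm, enum fail_at f)
{
    int err;
    nvm->aux_dev.dev.release = xe_nvm_release_dev;
    err = auxiliary_device_init(&nvm->aux_dev, f == FAIL_INIT);
    if (err)
        goto err;
    err = auxiliary_device_add(&nvm->aux_dev, f == FAIL_ADD);
    if (err) {
        auxiliary_device_uninit(&nvm->aux_dev);   /* first free, via .release */
        goto err;
    }
    return 0;
err:
    nvm_kfree(nvm);                               /* second free on the add path */
    return err;
}

/* Fixed shape: kfree only while we still own nvm (init failed, .release never
 * armed); after that the failure path hands the object to put_device(). */
static int xe_nvm_init_fixed(struct xe_nvm *nvm, enum fail_at f)
{
    int err;
    nvm->aux_dev.dev.release = xe_nvm_release_dev;
    err = auxiliary_device_init(&nvm->aux_dev, f == FAIL_INIT);
    if (err) {
        nvm_kfree(nvm);
        return err;
    }
    err = auxiliary_device_add(&nvm->aux_dev, f == FAIL_ADD);
    if (err) {
        auxiliary_device_uninit(&nvm->aux_dev);   /* .release frees nvm exactly once */
        return err;
    }
    return 0;
}

/* Returns how many times the model "freed" nvm for one init variant and
 * one injected failure; 2 is the double-free KASAN reported. */
static int run_scenario(int (*init)(struct xe_nvm *, enum fail_at), enum fail_at f)
{
    struct xe_nvm *nvm = calloc(1, sizeof(*nvm));
    int frees;
    if (!nvm)
        return -1;
    init(nvm, f);
    frees = nvm->freed;
    free(nvm);      /* the model object itself; counted frees were simulated */
    return frees;
}

int main(void)
{
    printf("add fails : buggy=%d fixed=%d\n",
           run_scenario(xe_nvm_init_buggy, FAIL_ADD), run_scenario(xe_nvm_init_fixed, FAIL_ADD));
    printf("init fails: buggy=%d fixed=%d\n",
           run_scenario(xe_nvm_init_buggy, FAIL_INIT), run_scenario(xe_nvm_init_fixed, FAIL_INIT));
    return 0;
}
```

The add-failure row is the one KASAN flagged: the buggy flow frees twice, the fixed flow once. The init-failure row shows why the kfree(nvm) cannot simply be deleted: with init failed, no reference was ever taken, so nothing else will run .release and the driver still owns the memory.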

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23162.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7926ba2143d8fef40bb940232818c7363e33598c
Fixed
32887d8e4bc0696b3cb6c5915a42b39cfd3434f4
Fixed
8a44241b0b83a6047c5448da1fff03fcc29496b5

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23162.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.17.0
Fixed
6.18.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23162.json"