CVE-2026-45863

Source
https://cve.org/CVERecord?id=CVE-2026-45863
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45863.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45863
Downstream
Published
2026-05-27T12:15:42.685Z
Modified
2026-07-08T08:09:39.338502262Z
Summary
i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()
Details

In the Linux kernel, the following vulnerability has been resolved:

i3c: dw: Fix memory leak in dwi3cmasteri2cxfers()

The dwi3cmasteri2cxfers() function allocates memory for the xfer structure using dwi3cmasterallocxfer(). If pmruntimeresumeandget() fails, the function returns without freeing the allocated xfer, resulting in a memory leak.

Add a dwi3cmasterfreexfer() call to the error path to ensure the allocated memory is properly freed.

Compile tested only. Issue found using a prototype static analysis tool and code review.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45863.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
62fe9d06f5709caa1fa68055873ff279e05ade37
Fixed
140a45bd4f6db7d1b30cab967d29689b946c52fa
Fixed
8e71414e252c1cb235911008a98fd47927d3a55c
Fixed
a2c41467ef42f69a3958493a0395ba75174710dc
Fixed
2537089413514caaa9a5fdeeac3a34d45100f747

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45863.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.11.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45863.json"