CVE-2026-45922

Source
https://cve.org/CVERecord?id=CVE-2026-45922
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45922.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45922
Downstream
Published
2026-05-27T12:17:41.431Z
Modified
2026-07-08T08:13:33.100667978Z
Summary
RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler

The UVERBSHANDLER(MLX5IBMETHODGETDATADIRECTSYSFSPATH) function allocates memory for the device path using kobjectgetpath(). If the length of the device path exceeds the output buffer length, the function returns -ENOSPC but does not free the allocated memory, resulting in a memory leak.

Add a kfree() call to the error path to ensure the allocated memory is properly freed.

Compile tested only. Issue found using a prototype static analysis tool and code review.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45922.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
ec7ad6530909983c8736c80af46e3529ce7bab55
Fixed
ee998cdbff6680891b0efd9d6ce53a388e5342c3
Fixed
b2bc649c18fbe8a7fd38d17266da3dcbfbcc44d2
Fixed
b3a10eca24fcfe913c0875e620f19596001bd6dc
Fixed
9b9d253908478f504297ac283c514e5953ddafa6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45922.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.14
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45922.json"