CVE-2026-53226

Source
https://cve.org/CVERecord?id=CVE-2026-53226
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53226.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53226
Downstream
Related
Published
2026-06-25T08:39:26.567Z
Modified
2026-07-08T08:13:43.896646929Z
Summary
gpio: rockchip: fix generic IRQ chip leak on remove
Details

In the Linux kernel, the following vulnerability has been resolved:

gpio: rockchip: fix generic IRQ chip leak on remove

The driver allocates domain generic chips using irqallocdomaingenericchips() during probe. However, on driver remove/teardown, the generic chips are not automatically freed when the IRQ domain is removed because the domain flags do not include IRQDOMAINFLAGDESTROYGC.

This causes both the domain generic chips structure and the associated generic chips to be leaked. Additionally, the generic chips remain on the global gc_list and may later be visited by generic IRQ chip suspend, resume, or shutdown callbacks after the GPIO bank has been removed, potentially resulting in a use-after-free and kernel crash.

Fix the resource leak by explicitly calling irqdomainremovegenericchips() before removing the IRQ domain in rockchipgpioremove().

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53226.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
936ee2675eee1faca0dcdfa79165c7990422e0fc
Fixed
bace7b99bfa555fe833aee8827b8004c43666d02
Fixed
1f34ea5f6114011092d9a5c8b901ad6741144a1d
Fixed
1c1e0fc88d6ef65bf15d517853251f75ab9d18c3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53226.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
6.18.36
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53226.json"