DEBIAN-CVE-2026-23162
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-23162
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-23162.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-23162
- Upstream
- Published
- 2026-02-14T16:15:56.383Z
- Modified
- 2026-02-15T11:01:30.401494Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliarydeviceinit(), auxdev->dev.release (xenvmreleasedev()) is responsible for the kfree(nvm). When there is failure with auxiliarydeviceadd(), driver will call auxiliarydeviceuninit(), which call putdevice(). So that the .release callback will be triggered to free the memory associated with the auxiliarydevice. Move the kfree(nvm) into the auxiliarydeviceinit() failure path and remove the err goto path to fix below error. " [ 13.232905] ================================================================== [ 13.232911] BUG: KASAN: double-free in xenvminit+0x751/0xf10 [xe] [ 13.233112] Free of addr ffff888120635000 by task systemd-udevd/273 [ 13.233120] CPU: 8 UID: 0 PID: 273 Comm: systemd-udevd Not tainted 6.19.0-rc2-lgci-xe-kernel+ #225 PREEMPT(voluntary) ... [ 13.233125] Call Trace: [ 13.233126] <TASK> [ 13.233127] dumpstacklvl+0x7f/0xc0 [ 13.233132] printreport+0xce/0x610 [ 13.233136] ? kasancompletemodereportinfo+0x5d/0x1e0 [ 13.233139] ? xenvm_init+0x751/0xf10 [xe] ... " v2: drop err goto path. (Alexander) (cherry picked from commit a3187c0c2bbd947ffff97f90d077ac88f9c2a215)
- References
Affected packages
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.18.9-1