CVE-2026-23337 in LinuxИнформация

Сводка

по MITRE • 25.03.2026

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()

In pinconf_generic_parse_dt_config(), if parse_dt_cfg() fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer.

Fix this by jumping to the out label on failure, ensuring kfree(cfg) is called before returning.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Linux

Резервировать

13.01.2026

Раскрытие

25.03.2026

Модерация

принято

Вход

VDB-353082

CPE

готов

CWE

CWE-401 (Подтверждённый)

CVSS

5.7 (VulDB)

EPSS

0.00019

KEV

Нет

Деятельности

Очень низкий

Сектор

Pharma, Homeoffice, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-23337
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-23337
CVE Details	https://www.cvedetails.com/cve/CVE-2026-23337/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!