{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-23026", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.941Z", "datePublished": "2026-01-31T11:42:05.185Z", "dateUpdated": "2026-07-14T12:45:49.952Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:58:34.240Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()\n\nFix a memory leak in gpi_peripheral_config() where the original memory\npointed to by gchan->config could be lost if krealloc() fails.\n\nThe issue occurs when:\n1. gchan->config points to previously allocated memory\n2. krealloc() fails and returns NULL\n3. The function directly assigns NULL to gchan->config, losing the\n reference to the original memory\n4. The original memory becomes unreachable and cannot be freed\n\nFix this by using a temporary variable to hold the krealloc() result\nand only updating gchan->config when the allocation succeeds.\n\nFound via static analysis and code review." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/dma/qcom/gpi.c" ], "versions": [ { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "4532f18e4ab36def1f55cd936d0fc002b2ce34c2", "status": "affected", "versionType": "git" }, { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "694ab1f6f16cb69f7c5ef2452b22ba7b00a3c7c7", "status": "affected", "versionType": "git" }, { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "6bf4ef078fd11910988889a6c0b3698d2e0c89af", "status": "affected", "versionType": "git" }, { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "01b1d781394fc9b83015e3a3cd46b17bda842bd8", "status": "affected", "versionType": "git" }, { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "55a67ba5ac4cebfd54cc8305d4d57a0f1dfe6a85", "status": "affected", "versionType": "git" }, { "version": "5d0c3533a19f48e5e7e73806a3e4b29cd4364130", "lessThan": "3f747004bbd641131d9396d87b5d2d3d1e182728", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/dma/qcom/gpi.c" ], "versions": [ { "version": "5.11", "status": "affected" }, { "version": "0", "lessThan": "5.11", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.199", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.162", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.12.67", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.18.7", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.199" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.1.162" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.6.122" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.12.67" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.18.7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "6.19" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/4532f18e4ab36def1f55cd936d0fc002b2ce34c2" }, { "url": "https://git.kernel.org/stable/c/694ab1f6f16cb69f7c5ef2452b22ba7b00a3c7c7" }, { "url": "https://git.kernel.org/stable/c/6bf4ef078fd11910988889a6c0b3698d2e0c89af" }, { "url": "https://git.kernel.org/stable/c/01b1d781394fc9b83015e3a3cd46b17bda842bd8" }, { "url": "https://git.kernel.org/stable/c/55a67ba5ac4cebfd54cc8305d4d57a0f1dfe6a85" }, { "url": "https://git.kernel.org/stable/c/3f747004bbd641131d9396d87b5d2d3d1e182728" } ], "title": "dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-07-14T12:45:49.952Z" }, "affected": [ { "vendor": "Siemens", "product": "RUGGEDCOM RST2428P", "versions": [ { "status": "affected", "version": "0", "lessThan": "V4.0", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.6", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.6", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.6", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.6", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" }, { "vendor": "Siemens", "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP", "versions": [ { "status": "affected", "version": "V3.1.6", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html" } ] } ] } }