CVE-2026-45881

medium

Description

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() In svs_enable_debug_write(), the buf allocated by memdup_user_nul() is leaked if kstrtoint() fails. Fix this by using __free(kfree) to automatically free buf, eliminating the need for explicit kfree() calls and preventing leaks. [Angelo: Added missing cleanup.h inclusion]

References

https://git.kernel.org/stable/c/a58c97828911c0b6e25d6b556789da974003efda

https://git.kernel.org/stable/c/6bb10466e0884b4a68d4a1f3f4bb87eeb471c18a

https://git.kernel.org/stable/c/6259094ee806fb813ca95894c65fb80e2ec98bf1

https://git.kernel.org/stable/c/47a3e372f7d68776adb749a27c0ec9058ff1b4fd

https://git.kernel.org/stable/c/0f6498077faa9cd89bb787bcc57063494a6f0601

https://git.kernel.org/stable/c/06195456c4e4de3826c4ca60eca941c472f991d0

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-06-25

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024