CVE-2026-23030Double Free in Linux

7 documents6 sources
Severity
N/A
No vector
EPSS
0.0%
top 98.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedJan 31

Description

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_put() to release child_np in each success loop. After breaking from the loop with the child_np has been released, the code will jump to the put_child label and will call the of_node_put() again if the devm_request_threaded_irq() fails. These cause a double free bug. Fix by returning directly to avoi

Affected Packages5 packages

Linuxlinux/linux_kernel5.17.06.1.162+3
Debianlinux/linux_kernel< 6.1.162-1+2
CVEListV5linux/linuxed2b5a8e6b98d042b323afbe177a5dc618921b31b97b2c9808c9a97e0ce30216fa12096d8b0eaa75+5
debiandebian/linux< linux 6.1.162-1 (bookworm)
debiandebian/linux-6.1< linux 6.1.162-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2026-23030: In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The fo2026-01-31
GHSA
GHSA-p937-325h-2j2f: In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The2026-01-31
OSV
phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()2026-01-31

📋Vendor Advisories

2
Red Hat
kernel: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()2026-01-31
Debian
CVE-2026-23030: linux - In the Linux kernel, the following vulnerability has been resolved: phy: rockch...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23030 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23030 — Double Free in Linux | cvebase