CVE-2026-23065 — Missing Release of Memory after Effective Lifetime in Linux

CWE-401 — Missing Release of Memory after Effective Lifetime7 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 95.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel

Timeline

PublishedFeb 4

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated using kcalloc() but is not freed if acpi_evaluate_dsm() fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in the error handling path of acpi_evaluate_dsm().

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel6.8 — 6.12.68+2

▶Debianlinux/linux_kernel< 6.12.69-1+1

▶CVEListV5linux/linux58e82a62669da52e688f4a8b89922c1839bf1001 — 1152dffe01af86e42ce2b208b92ef7f8c275d130+3

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

CVEList

platform/x86/amd: Fix memory leak in wbrf_record()↗2026-02-04

▶

OSV

CVE-2026-23065: In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated usi↗2026-02-04

▶

GHSA

GHSA-4v3j-3fr4-cjrj: In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrf_record() The tmp buffer is allocated u↗2026-02-04

▶

📋Vendor Advisories

Red Hat

kernel: platform/x86/amd: Fix memory leak in wbrf_record()↗2026-02-04

▶

Debian

CVE-2026-23065: linux - In the Linux kernel, the following vulnerability has been resolved: platform/x8...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23065 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶