CVE-2026-23260Linux vulnerability

8 documents7 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 18

Description

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new 'entry' remains allocated and is never freed, leaking memory. Free 'entry' on the failure path; on success continue freeing the replaced neighbor blocks ('lower', 'upper').

Affected Packages3 packages

Linuxlinux/linux_kernel6.4.06.6.124+2
Debianlinux/linux_kernel< 6.12.73-1+1
CVEListV5linux/linuxf033c26de5a5734625d2dd1dc196745fae186f1bd61171cf097156030142643942c217759a9cc806+4

🔴Vulnerability Details

4
OSV
CVE-2026-23260: In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() alloca2026-03-18
GHSA
GHSA-5crp-hwj6-6www: In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allo2026-03-18
CVEList
regmap: maple: free entry on mas_store_gfp() failure2026-03-18
OSV
regmap: maple: free entry on mas_store_gfp() failure2026-03-18

📋Vendor Advisories

2
Red Hat
kernel: regmap: maple: free entry on mas_store_gfp() failure2026-03-18
Debian
CVE-2026-23260: linux - In the Linux kernel, the following vulnerability has been resolved: regmap: map...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23260 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23260 — Linux vulnerability | cvebase