Linux Kernel MPFS SysCtl Probe Memory Leak
CVE-2026-23464 Published on April 3, 2026
soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()
In the Linux kernel, the following vulnerability has been resolved:
soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()
In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails,
the function returns immediately without freeing the allocated memory
for sys_controller, leading to a memory leak.
Fix this by jumping to the out_free label to ensure the memory is
properly freed.
Also, consolidate the error handling for the mbox_request_channel()
failure case to use the same label.
Products Associated with CVE-2026-23464
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 742aa6c563d29c367edbf0ef7236a7a853ed9be4 and below da4b44c42f40501db35f5d0a6243708a061490a0 is affected.
- Version 742aa6c563d29c367edbf0ef7236a7a853ed9be4 and below e3dd5cffba07de6574165a72851471cd42cc6d15 is affected.
- Version 742aa6c563d29c367edbf0ef7236a7a853ed9be4 and below 17c84fb7cf3971cc621646185d785670e9530ca1 is affected.
- Version 742aa6c563d29c367edbf0ef7236a7a853ed9be4 and below 5a741f8cc6fe62542f955cd8d24933a1b6589cbd is affected.
- Version 6.8 is affected.
- Before 6.8 is unaffected.
- Version 6.12.78, <= 6.12.* is unaffected.
- Version 6.18.20, <= 6.18.* is unaffected.
- Version 6.19.10, <= 6.19.* is unaffected.
- Version 7.0-rc5, <= * is unaffected.