Linux Kernel EDAC VersalNet Dev Name Leak via kzalloc: CVE-2026-46221 May 2026

Linux Kernel EDAC VersalNet Dev Name Leak via kzalloc
CVE-2026-46221 Published on May 28, 2026

EDAC/versalnet: Fix device name memory leak
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc() in init_one_mc() is assigned to dev->init_name but never freed on the normal removal path. device_register() copies init_name and then sets dev->init_name to NULL, so the name pointer becomes unreachable from the device. Thus leaking memory. Use a stack-local char array instead of using kzalloc() for name.

Products Associated with CVE-2026-46221

Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.

Affected Versions

Version d5fe2fec6c40dda03df8cc9b4a97de0b7e39f984 and below 24d2912962d087ebff7c4984f8ac34a5f23c8dbf is affected.

Version d5fe2fec6c40dda03df8cc9b4a97de0b7e39f984 and below b16033c8774f5fb4c0cb9b445a1dfc68f499ae6a is affected.

Version d5fe2fec6c40dda03df8cc9b4a97de0b7e39f984 and below 8cf5dd235eff6008cb04c3d8064d2acfa90616f1 is affected.

Version 6.18 is affected.

Before 6.18 is unaffected.

Version 6.18.32, <= 6.18.* is unaffected.

Version 7.0.9, <= 7.0.* is unaffected.

Version 7.1-rc3, <= * is unaffected.

Linux Kernel EDAC VersalNet Dev Name Leak via kzallocCVE-2026-46221 Published on May 28, 2026

Products Associated with CVE-2026-46221

Affected Versions

Linux Kernel EDAC VersalNet Dev Name Leak via kzalloc
CVE-2026-46221 Published on May 28, 2026