CVE-2026-23021

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: usb: pegasus: fix memory leak in update_eth_regs_async()

When asynchronously writing to the device registers and if usb_submit_urb() fail, the code fail to release allocated to this point resources.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < 5397ea6d21c35a17707e201a60761bdee00bcc4eaffected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < a40af9a2904a1ab8ce61866ebe2a894ef30754baaffected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < ac5d92d2826dec51e5d4c6854865bc5817277452affected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < 93f18eaa190374e0f2d253e3b1a65cee19a7abe6affected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < 471dfb97599eec74e0476046b3ef8e7037f27b34affected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < ce6eef731aba23a988decea1df3b08cf978f7b01affected
LinuxLinux323b34963d113efb566635f43858f40cce01d5f9 < afa27621a28af317523e0836dad430bec551eb54affected
LinuxLinux3.10affected
LinuxLinux0 < 3.10unaffected
LinuxLinux5.10.248 <= 5.10.*unaffected
LinuxLinux5.15.198 <= 5.15.*unaffected
LinuxLinux6.1.161 <= 6.1.*unaffected
LinuxLinux6.6.121 <= 6.6.*unaffected
LinuxLinux6.12.66 <= 6.12.*unaffected
LinuxLinux6.18.6 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References