CVE-2026-23431

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: amlogic-spisg: Fix memory leak in aml_spisg_probe()

In aml_spisg_probe(), ctlr is allocated by spi_alloc_target()/spi_alloc_host(), but fails to call spi_controller_put() in several error paths. This leads to a memory leak whenever the driver fails to probe after the initial allocation.

Convert to use devm_spi_alloc_host()/devm_spi_alloc_target() to fix the memory leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcef9991e04aed3305c61c392e880f6e01a0c2ea4 < bec21d97c968a4806939eb2946df49ea6c341bdeaffected
LinuxLinuxcef9991e04aed3305c61c392e880f6e01a0c2ea4 < 8e28a01b69f7ea8df7ceb15470cfe643b2828f4faffected
LinuxLinuxcef9991e04aed3305c61c392e880f6e01a0c2ea4 < b8db9552997924b750e727a625a30eaa4603bbb9affected
LinuxLinux6.17affected
LinuxLinux0 < 6.17unaffected
LinuxLinux6.18.20 <= 6.18.*unaffected
LinuxLinux6.19.10 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References