CVE-2026-45939

Summary

In the Linux kernel, the following vulnerability has been resolved:

gpib: Fix memory leak in ni_usb_init()

In ni_usb_init(), if ni_usb_setup_init() fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak.

Additionally, ni_usb_setup_init() returns 0 on failure, which causes ni_usb_init() to return -EFAULT, an inappropriate error code for this situation.

Fix the leak by freeing writes in the error path. Modify ni_usb_setup_init() to return -EINVAL on failure and propagate this error code in ni_usb_init().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4e127de14fa78bcd98c6459b0b984b8266cd0203 < 9c97fcfb7a62dea893104a046d544da8ac23370baffected
LinuxLinux4e127de14fa78bcd98c6459b0b984b8266cd0203 < c899d4b62c0757a280831e89c1f3801b597e8f38affected
LinuxLinux4e127de14fa78bcd98c6459b0b984b8266cd0203 < b89921eed8cf2d97250bac4be38dbcfbf048b586affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.18.14 <= 6.18.*unaffected
LinuxLinux6.19.4 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References