CVE-2026-53121

Summary

In the Linux kernel, the following vulnerability has been resolved:

amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()

On failure to set the epp, the function amd_pstate_epp_cpu_init() returns with an error code without freeing the cpudata object that was allocated at the beginning of the function.

Ensure that the cpudata object is freed before returning from the function.

This memory leak was discovered by Claude Opus 4.6 with the aid of Chris Mason's AI review-prompts (https://github.com/masoncl/review-prompts/tree/main/kernel).

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9a378ff6443cdcd4387e5dbb76fa5fa549a83ec < 539aabbab190825c77eb455ec35652cb3720625faffected
LinuxLinuxf9a378ff6443cdcd4387e5dbb76fa5fa549a83ec < 7f9aa2359742eaa6ea65ec0d20dafdfd0add9b8baffected
LinuxLinuxf9a378ff6443cdcd4387e5dbb76fa5fa549a83ec < beda3b363546a423e4e29a7395e04c0ac4ff677eaffected
LinuxLinux6.14affected
LinuxLinux0 < 6.14unaffected
LinuxLinux6.18.33 <= 6.18.*unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References