CVE Catalog

CVE-2026-45921

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

6th percentile - higher than 6% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to a memory leak in the mtd_parser_tplink_safeloader_parse() function. The issue occurs when buffer allocation fails, and the buffer is not freed, leading to a memory leak.

Risk Assessment

Memory leaks can lead to increased resource consumption, which may affect system stability and performance over time.

Recommendation

It is recommended to update the Linux kernel to the latest version where this vulnerability has been fixed to avoid memory leak issues.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() The function mtd_parser_tplink_safeloader_parse() allocates buf via mtd_parser_tplink_safeloader_read_table(). If the allocation for parts[idx].name fails inside the loop, the code jumps to the err_free label without freeing buf, leading to a memory leak. Fix this by freeing the temporary buffer buf in the err_free label. Compile tested only. Issue found using a prototype static analysis tool and code review.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS