CVE Catalog

CVE-2026-45925

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to a reference leak in the thermal_of_cm_lookup() function. The tr_np value is obtained via of_parse_phandle() but is never released, leading to a memory leak.

Risk Assessment

Organizations may experience performance issues due to memory leaks, which can lead to destabilization of services running on the Linux system.

Recommendation

It is recommended to update the Linux kernel to a version where this vulnerability has been fixed to avoid issues related to memory leaks.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermal_of_cm_lookup() In thermal_of_cm_lookup(), tr_np is obtained via of_parse_phandle(), but never released. Use the __free(device_node) cleanup attribute to automatically release the node and fix the leak. [ rjw: Changelog edits ]

Vulnerability data from NVD (NIST) · CISA KEV · EPSS