CVE-2026-23033
BaseFortify
Publication date: 2026-01-31
Last updated on: 2026-02-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a resource leak in the Linux kernel's dmaengine subsystem, specifically in the omap-dma driver. When certain functions (dma_async_device_register() or of_dma_controller_register()) fail during device initialization, the allocated dma_pool resource is not properly destroyed, leading to a resource leak. The fix involves adding dma_pool_destroy() calls in the error paths to release the allocated resources correctly.
How can this vulnerability impact me? :
This vulnerability can cause resource leaks in the Linux kernel, which may lead to increased memory usage or depletion of DMA pool resources over time. This could potentially degrade system performance or stability, especially in systems that frequently encounter these error conditions during device initialization.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version that includes the fix for the dma_pool resource leak in the omap-dma driver. The fix involves adding dma_pool_destroy() in error paths to properly release allocated dma_pool resources, preventing resource leaks.