CVE-2026-23037
BaseFortify
Publication date: 2026-01-31
Last updated on: 2026-02-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| etas | es58x | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's etas_es58x driver where the function es58x_alloc_rx_urbs() fails to handle partial allocation of RX URBs correctly. When it partially allocates URBs but not the full requested amount, it returns an error, causing es58x_open() to exit early and skip cleanup. This results in a memory leak of the allocated URBs. The fix changes es58x_alloc_rx_urbs() to return success if at least one URB is allocated, preventing the leak and restoring intended behavior.
How can this vulnerability impact me? :
The vulnerability can lead to a memory leak in the Linux kernel's etas_es58x driver due to improper handling of partial URB allocations. This leak could degrade system stability or performance over time if the leaked resources accumulate, potentially causing resource exhaustion or unexpected behavior in systems using this driver.
What immediate steps should I take to mitigate this vulnerability?
Update the Linux kernel to a version where the es58x_alloc_rx_urbs() function has been modified to return 0 if at least one URB has been allocated, preventing the URB leak. This fixes the issue by ensuring partial URB allocations are handled gracefully and the cleanup code is executed properly.