CVE-2026-53065
Awaiting Analysis Awaiting Analysis - Queue

Memory Leak in Linux Kernel ASoC STI Driver

Vulnerability report for CVE-2026-53065, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-07-14

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: sti: use managed regmap_field allocations The regmap_field objects allocated at player init are never freed and may leak resources if the driver is removed. Switch to devm_regmap_field_alloc() to automatically limit the lifetime of the allocations the lifetime of the device.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-07-14
Generated
2026-07-15
AI Q&A
2026-06-24
EPSS Evaluated
2026-07-13
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ASoC sti driver where regmap_field objects allocated during player initialization are not freed properly.

Because these objects are never freed, they may cause resource leaks if the driver is removed.

The fix involves switching to devm_regmap_field_alloc(), which manages the lifetime of these allocations automatically, tying them to the lifetime of the device.

Impact Analysis

The vulnerability can lead to resource leaks in the system when the affected driver is removed.

Resource leaks may degrade system performance or stability over time if resources are not properly released.

Mitigation Strategies

The vulnerability involves resource leaks due to regmap_field objects not being freed when the driver is removed.

To mitigate this issue, update the Linux kernel to a version where the ASoC sti driver uses devm_regmap_field_alloc() instead of manual allocations. This change ensures that the lifetime of the allocations is automatically managed and limited to the device's lifetime.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53065. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart