Bug 2481985 (CVE-2026-45868) - CVE-2026-45868 kernel: pinctrl: single: fix refcount leak in pcs_add_gpio_func()
Summary: CVE-2026-45868 kernel: pinctrl: single: fix refcount leak in pcs_add_gpio_func()
Keywords:
Status: NEW
Alias: CVE-2026-45868
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-05-27 15:05 UTC by OSIDB Bzimport
Modified: 2026-05-28 03:55 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2026-05-27 15:05:41 UTC
In the Linux kernel, the following vulnerability has been resolved:

pinctrl: single: fix refcount leak in pcs_add_gpio_func()

of_parse_phandle_with_args() returns a device_node pointer with refcount
incremented in gpiospec.np. The loop iterates through all phandles but
never releases the reference, causing a refcount leak on each iteration.

Add of_node_put() calls to release the reference after extracting the
needed arguments and on the error path when devm_kzalloc() fails.

This bug was detected by our static analysis tool and verified by my
code review.


Note You need to log in before you can comment on or make changes to this bug.