{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T03:47:08.141","vulnerabilities":[{"cve":{"id":"CVE-2026-23162","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-02-14T16:15:56.383","lastModified":"2026-03-18T15:07:36.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/nvm: Fix double-free on aux add failure\n\nAfter a successful auxiliary_device_init(), aux_dev->dev.release\n(xe_nvm_release_dev()) is responsible for the kfree(nvm). When\nthere is failure with auxiliary_device_add(), driver will call\nauxiliary_device_uninit(), which call put_device(). So that the\n.release callback will be triggered to free the memory associated\nwith the auxiliary_device.\n\nMove the kfree(nvm) into the auxiliary_device_init() failure path\nand remove the err goto path to fix below error.\n\n\"\n[ 13.232905] ==================================================================\n[ 13.232911] BUG: KASAN: double-free in xe_nvm_init+0x751/0xf10 [xe]\n[ 13.233112] Free of addr ffff888120635000 by task systemd-udevd/273\n\n[ 13.233120] CPU: 8 UID: 0 PID: 273 Comm: systemd-udevd Not tainted 6.19.0-rc2-lgci-xe-kernel+ #225 PREEMPT(voluntary)\n...\n[ 13.233125] Call Trace:\n[ 13.233126] \n[ 13.233127] dump_stack_lvl+0x7f/0xc0\n[ 13.233132] print_report+0xce/0x610\n[ 13.233136] ? kasan_complete_mode_report_info+0x5d/0x1e0\n[ 13.233139] ? xe_nvm_init+0x751/0xf10 [xe]\n...\n\"\n\nv2: drop err goto path. (Alexander)\n\n(cherry picked from commit a3187c0c2bbd947ffff97f90d077ac88f9c2a215)"},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ndrm/xe/nvm: Corrige doble liberación en fallo de adición de aux\n\nDespués de una exitosa auxiliary_device_init(), aux_dev->dev.release (xe_nvm_release_dev()) es responsable de la kfree(nvm). Cuando hay un fallo con auxiliary_device_add(), el controlador llamará a auxiliary_device_uninit(), que llama a put_device(). De modo que la devolución de llamada .release se activará para liberar la memoria asociada con el auxiliary_device.\n\nMueve la kfree(nvm) a la ruta de fallo de auxiliary_device_init() y elimina la ruta err goto para corregir el error a continuación.\n\n[ 13.232905] ==================================================================\n[ 13.232911] BUG: KASAN: double-free in xe_nvm_init+0x751/0xf10 [xe]\n[ 13.233112] Free of addr ffff888120635000 by task systemd-udevd/273\n\n[ 13.233120] CPU: 8 UID: 0 PID: 273 Comm: systemd-udevd Not tainted 6.19.0-rc2-lgci-xe-kernel+ #225 PREEMPT(voluntary)\n...\n[ 13.233125] Call Trace:\n[ 13.233126] \n[ 13.233127] dump_stack_lvl+0x7f/0xc0\n[ 13.233132] print_report+0xce/0x610\n[ 13.233136] ? kasan_complete_mode_report_info+0x5d/0x1e0\n[ 13.233139] ? xe_nvm_init+0x751/0xf10 [xe]\n...\n\nv2: elimina la ruta err goto. (Alexander)\n\n(seleccionado de la confirmación a3187c0c2bbd947ffff97f90d077ac88f9c2a215)"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17.1","versionEndExcluding":"6.18.9","matchCriteriaId":"8A25DDAF-7C27-4AFF-A350-9BD6DD15CBE1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.17:-:*:*:*:*:*:*","matchCriteriaId":"7CC8B11D-82DC-4958-8DC7-BF5CC829A5E9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.17:rc7:*:*:*:*:*:*","matchCriteriaId":"3963C3A0-CEA1-4F5C-8011-3A593ABB684D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*","matchCriteriaId":"17B67AA7-40D6-4AFA-8459-F200F3D7CFD1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*","matchCriteriaId":"C47E4CC9-C826-4FA9-B014-7FE3D9B318B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*","matchCriteriaId":"F71D92C0-C023-48BD-B3B6-70B638EEE298"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*","matchCriteriaId":"13580667-0A98-40CC-B29F-D12790B91BDB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*","matchCriteriaId":"CAD1FED7-CF48-47BF-AC7D-7B6FA3C065FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*","matchCriteriaId":"3EF854A1-ABB1-4E93-BE9A-44569EC76C0D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*","matchCriteriaId":"F5DC0CA6-F0AF-4DDF-A882-3DADB9A886A7"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/32887d8e4bc0696b3cb6c5915a42b39cfd3434f4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8a44241b0b83a6047c5448da1fff03fcc29496b5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}