CVE-2026-23301

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-23301
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently find_sdca_entity_iot() can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386 Patch
https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
History

28 May 2026, 14:44

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
First Time Linux
Linux linux Kernel
CWE CWE-252
CPE cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386 - () https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386 - Patch
References () https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd - () https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd - Patch
Summary
  • (es) En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: ASoC: SDCA: Añadir comprobación de fallo de asignación para el nombre de la Entidad Actualmente, find_sdca_entity_iot() puede asignar una cadena para el nombre de la Entidad, pero no comprueba si esa asignación tuvo éxito. Añadir la comprobación NULL faltante después de la asignación.

25 Mar 2026, 11:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-25 11:16

Updated : 2026-05-28 14:44

NVD link : CVE-2026-23301

Mitre link : CVE-2026-23301

CVE.ORG link : CVE-2026-23301

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-252

Unchecked Return Value