CVE-2026-23260

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: free entry on mas_store_gfp() failure regcache_maple_write() allocates a new block ('entry') to merge adjacent ranges and then stores it with mas_store_gfp(). When mas_store_gfp() fails, the new 'entry' remains allocated and is never freed, leaking memory. Free 'entry' on the failure path; on success continue freeing the replaced neighbor blocks ('lower', 'upper').
https://nvd.nist.gov/vuln/detail/CVE-2026-23260

Categories

No category defined

References

 

AFFECTED (from MITRE)

---

Vendor	Product	Versions
Linux	Linux	f033c26de5a5734625d2dd1dc196745fae186f1b < d61171cf097156030142643942c217759a9cc806 [affected] f033c26de5a5734625d2dd1dc196745fae186f1b < 811b45e2d795d955bb7fd9c816b40036f4fde350 [affected] f033c26de5a5734625d2dd1dc196745fae186f1b < f08f2d2907675926ac5657b25f86d921f269602a [affected] f033c26de5a5734625d2dd1dc196745fae186f1b < f3f380ce6b3d5c9805c7e0b3d5bc28d9ec41e2e8 [affected]
Linux	Linux	6.4 [affected] < 6.4 [unaffected] 6.6.124 ≤ 6.6.* [unaffected] 6.12.70 ≤ 6.12.* [unaffected] 6.18.10 ≤ 6.18.* [unaffected] 6.19 ≤ * [unaffected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe	start	end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*	>= 6.4	< 6.6.124
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*	>= 6.4	< 6.12.70
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*	>= 6.4	< 6.18.10
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*	>= 6.4	< 6.19

---

REMEDIATION

---

---

EXPLOITS

---

Exploit-db.com

id	description	date
No known exploits

---

POC Github

Url
No known exploits

---

Other Nist (github, ...)

Url
No known exploits

---

CAPEC

---

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

---