Acknowledged
Created: Feb 24, 2026
Updated: Mar 2, 2026
Resolved Date: Feb 27, 2026
Found In Version: 10.21.20.2
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:
of: unittest: Fix memory leak in unittest_data_add()
In unittest_data_add(), if of_resolve_phandles() fails, the allocated
unittest_data is not freed, leading to a memory leak.
Fix this by using scope-based cleanup helper __free(kfree) for automatic
resource cleanup. This ensures unittest_data is automatically freed when
it goes out of scope in error paths.
For the success path, use retain_and_null_ptr() to transfer ownership
of the memory to the device tree and prevent double freeing.
========Wind River Notice========
The affected file drivers/of/unittest.c is a specialized test suite within the Linux kernel
designed to verify the integrity and functionality of the Device Tree (DT) framework. And in virtually all cases, this file is disabled in production environments. So product won't be affected by this bug.
