Wind River Support Network

HomeDefectsLIN1025-15181
Fixed

LIN1025-15181 : Security Advisory - linux - CVE-2026-46109

Created: May 29, 2026    Updated: Jun 1, 2026
Resolved Date: May 31, 2026
Found In Version: 10.25.33.2
Fix Version: 10.25.33.10
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:  usb: ulpi: fix memory leak on ulpi_register() error paths  Commit 01af542392b5 ("usb: ulpi: fix double free in ulpi_register_interface() error path") removed kfree(ulpi) from ulpi_register_interface() to fix a double-free when device_register() fails.  But when ulpi_of_register() or ulpi_read_id() fail before device_register() is called, the ulpi allocation is leaked.  Add kfree(ulpi) on both error paths to properly clean up the allocation.
  • Linkedin
  • Facebook
  • Twitter
  • Youtube