CVE-2026-45928

Description

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix memory leak on codec_info allocation failure In wave5_vpu_open_enc() and wave5_vpu_open_dec(), a vpu instance is allocated via kzalloc(). If the subsequent allocation for inst->codec_info fails, the functions return -ENOMEM without freeing the previously allocated instance, causing a memory leak. Fix this by calling kfree() on the instance in this error path to ensure it is properly released.

References

Other References

https://git.kernel.org/stable/c/1de71556cbd6e1d0d26fb86b9b3bb8caa0df8495 https://git.kernel.org/stable/c/32e9e45cf7e3422d21fa64535588d3572faf71c3 https://git.kernel.org/stable/c/52defdd4034db1a34bb48006f889d66a3629224b https://git.kernel.org/stable/c/a519e21e32398459ba357e67b541402f7295ee1b

Frequently Asked Questions

What is CVE-2026-45928? +

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix memory leak on codec_info allocation failure In wave5_vpu_open_enc() and wave5_vpu_open_dec(), a vpu instance is allocated via kzalloc(). If the subsequent allocation for inst->codec_info fails, the functions return -ENOMEM without freeing the previously allocated instance, causing a memory leak. Fix this by calling kfree() on the instance in this error path to ensure it is properly released.

How do I check if I'm vulnerable to CVE-2026-45928? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Description

References

Other References

Frequently Asked Questions

Don't wait for an exploit