CVE-2026-23081

Опубликовано: 04 фев. 2026

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call of_put_node() to correctly maintain the refcount.

A flaw was found in the Linux kernel's intel-xway PHY (Physical Layer) driver. This vulnerability involves an improper management of Open Firmware (OF) node reference counts. A local attacker could exploit this by repeatedly triggering a specific condition, leading to resource exhaustion and ultimately a denial of service (DoS) on the system.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-772

https://bugzilla.redhat.com/show_bug.cgi?id=2436832kernel: Linux kernel: Denial of Service in intel-xway PHY driver due to OF node reference count leakage

EPSS

Процентиль: 4%

0.00017

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2026-23081

CVSS3: 5.5

ubuntu

около 2 месяцев назад

CVE-2026-23081

CVSS3: 5.5

nvd

около 2 месяцев назад

CVE-2026-23081

CVSS3: 5.5

debian

около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

GHSA-64mr-2w58-753j

CVSS3: 5.5

github

около 2 месяцев назад

EPSS

Процентиль: 4%

0.00017

Низкий

5.5 Medium

CVSS3