{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23033", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.942Z", "datePublished": "2026-01-31T11:42:28.352Z", "dateUpdated": "2026-05-11T21:58:42.294Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T21:58:42.294Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: omap-dma: fix dma_pool resource leak in error paths\n\nThe dma_pool created by dma_pool_create() is not destroyed when\ndma_async_device_register() or of_dma_controller_register() fails,\ncausing a resource leak in the probe error paths.\n\nAdd dma_pool_destroy() in both error paths to properly release the\nallocated dma_pool resource."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ti/omap-dma.c"], "versions": [{"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "8d66cb05b8b76396387a7b3a91f9284225c87f04", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "2b29f38f4f9660595e8272b8e8b82ffcca7ce592", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "6b867a98699657c2a698bbc9e60656349b39b905", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "88a9483f093bbb9263dcf21bc7fdb5132e5de88d", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "4b93712e96be17029bd22787f2e39feb0e73272c", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "829b00481734dd54e72f755fd6584bce6fbffbb0", "status": "affected", "versionType": "git"}, {"version": "7bedaa5537604f34d1d63c5ec7891e559d2a61ed", "lessThan": "2e1136acf8a8887c29f52e35a77b537309af321f", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ti/omap-dma.c"], "versions": [{"version": "3.6", "status": "affected"}, {"version": "0", "lessThan": "3.6", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.249", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.199", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.162", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.122", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.67", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.7", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "5.10.249"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "5.15.199"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "6.1.162"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "6.6.122"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "6.12.67"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "6.18.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.6", "versionEndExcluding": "6.19"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8d66cb05b8b76396387a7b3a91f9284225c87f04"}, {"url": "https://git.kernel.org/stable/c/2b29f38f4f9660595e8272b8e8b82ffcca7ce592"}, {"url": "https://git.kernel.org/stable/c/6b867a98699657c2a698bbc9e60656349b39b905"}, {"url": "https://git.kernel.org/stable/c/88a9483f093bbb9263dcf21bc7fdb5132e5de88d"}, {"url": "https://git.kernel.org/stable/c/4b93712e96be17029bd22787f2e39feb0e73272c"}, {"url": "https://git.kernel.org/stable/c/829b00481734dd54e72f755fd6584bce6fbffbb0"}, {"url": "https://git.kernel.org/stable/c/2e1136acf8a8887c29f52e35a77b537309af321f"}], "title": "dmaengine: omap-dma: fix dma_pool resource leak in error paths", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: omap-dma: fix dma_pool resource leak in error paths\n\nThe dma_pool created by dma_pool_create() is not destroyed when\ndma_async_device_register() or of_dma_controller_register() fails,\ncausing a resource leak in the probe error paths.\n\nAdd dma_pool_destroy() in both error paths to properly release the\nallocated dma_pool resource."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\ndmaengine: omap-dma: correcci\u00f3n de fuga de recursos de dma_pool en las rutas de error\n\nEl dma_pool creado por dma_pool_create() no se destruye cuando dma_async_device_register() o of_dma_controller_register() fallan, causando una fuga de recursos en las rutas de error de sondeo.\n\nA\u00f1adir dma_pool_destroy() en ambas rutas de error para liberar correctamente el recurso dma_pool asignado."}], "id": "CVE-2026-23033", "lastModified": "2026-04-15T00:35:42.020", "metrics": {}, "published": "2026-01-31T12:16:06.613", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2b29f38f4f9660595e8272b8e8b82ffcca7ce592"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2e1136acf8a8887c29f52e35a77b537309af321f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4b93712e96be17029bd22787f2e39feb0e73272c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6b867a98699657c2a698bbc9e60656349b39b905"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/829b00481734dd54e72f755fd6584bce6fbffbb0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/88a9483f093bbb9263dcf21bc7fdb5132e5de88d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8d66cb05b8b76396387a7b3a91f9284225c87f04"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Deferred"}

{"bugzilla": {"description": "kernel: dmaengine: omap-dma: fix dma_pool resource leak in error paths", "id": "2435643", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435643"}, "csaw": false, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndmaengine: omap-dma: fix dma_pool resource leak in error paths\nThe dma_pool created by dma_pool_create() is not destroyed when\ndma_async_device_register() or of_dma_controller_register() fails,\ncausing a resource leak in the probe error paths.\nAdd dma_pool_destroy() in both error paths to properly release the\nallocated dma_pool resource."], "name": "CVE-2026-23033", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-01-31T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23033\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23033\nhttps://lore.kernel.org/linux-cve-announce/2026013121-CVE-2026-23033-c543@gregkh/T"]}

{"analysis": {"en": {"generated_at": "2026-04-18T18:37:10.661660+00:00", "value": {"mitigation_remediation": ["Upgrade to a kernel version that includes the dma_pool_destroy fix for OMAP DMA engine drivers.", "Restart the system to ensure the updated driver is loaded and the resource leak no longer occurs.", "Monitor kernel memory usage and system logs for signs of repeated driver probe failures or memory exhaustion."], "summary": {"action": "Apply Patch", "impact": "Resource Leak leading to possible kernel memory exhaustion"}, "threat_synthesis": {"affected_systems": "The issue affects any Linux kernel that includes the DMA engine implementation for OMAP devices and has not been updated to the patch that adds dma_pool_destroy() in the failure paths. Specific kernel releases are not listed, so all affected kernels without the mitigation should be considered vulnerable.", "description_and_impact": "A missing cleanup in the DMA engine driver for OMAP devices causes the dma_pool created during device registration to remain allocated when the probe fails. The leak means that repeated failures can gradually consume kernel memory, potentially destabilizing the system or leading to a denial-of-service if the kernel runs out of memory. The flaw originates from improper resource management when dma_async_device_register() or of_dma_controller_register() returns an error.", "risk_and_exploitability": "The EPSS score is reported as below 1\u202f%, indicating a very low probability that the vulnerability will be actively exploited. It is not listed in the CISA KEV catalog. The attack vector is local to the kernel, as the leak occurs during driver probe on boot or module load. An attacker with sufficient privilege to trigger re\u2011probe conditions could repeatedly exhaust kernel memory, but the lack of a public exploit and low exploit probability reduce the immediate risk. Nonetheless, the impact on availability warrants timely patching."}}}}, "created": "2026-04-18T18:45:05.754952+00:00", "updated": "2026-04-18T18:45:05.754963+00:00", "vendors": [], "weaknesses": ["CWE-573"]}