{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23314", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.994Z", "datePublished": "2026-03-25T10:27:09.383Z", "dateUpdated": "2026-05-11T22:04:29.413Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:04:29.413Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()\n\nIn bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns\nwithout calling of_node_put(child), causing the device node reference\nleak."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/bq257xx-regulator.c"], "versions": [{"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "93b64bef8cd4074806d981ed1b4c38c3ae0542e3", "status": "affected", "versionType": "git"}, {"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "aba54a5a113667df9d339f4192650f6bc27e9d1f", "status": "affected", "versionType": "git"}, {"version": "981dd162b63578aee34b5c68795e246734b76d70", "lessThan": "4baaddaa44af01cd4ce239493060738fd0881835", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/regulator/bq257xx-regulator.c"], "versions": [{"version": "6.18", "status": "affected"}, {"version": "0", "lessThan": "6.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3"}, {"url": "https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f"}, {"url": "https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835"}], "title": "regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E9D8CD-82F0-4CC6-8038-BF71758D583C", "versionEndExcluding": "6.18.17", "versionStartIncluding": "6.18.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "69245D10-0B71-485E-80C3-A64F077004D3", "versionEndExcluding": "6.19.7", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*", "matchCriteriaId": "DCE57113-2223-4308-A0F2-5E6ECFBB3C23", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()\n\nIn bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns\nwithout calling of_node_put(child), causing the device node reference\nleak."}, {"lang": "es", "value": "En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nregulator: bq257xx: Corregir fuga de referencia de nodo de dispositivo en bq257xx_reg_dt_parse_gpio()\n\nEn bq257xx_reg_dt_parse_gpio(), si falla al obtener el subhijo, regresa sin llamar a of_node_put(child), causando la fuga de referencia del nodo de dispositivo."}], "id": "CVE-2026-23314", "lastModified": "2026-04-23T21:06:50.930", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-25T11:16:27.767", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()", "id": "2451211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451211"}, "csaw": false, "cwe": "CWE-772", "details": ["A flaw was found in the Linux kernel, specifically within the `regulator: bq257xx` subsystem. This vulnerability, a device node reference leak, occurs when the `bq257xx_reg_dt_parse_gpio()` function fails to properly manage system resources. An attacker could potentially exploit this to cause a denial of service (DoS), making the system unresponsive."], "name": "CVE-2026-23314", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23314\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23314\nhttps://lore.kernel.org/linux-cve-announce/2026032529-CVE-2026-23314-166c@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[981dd162b63578aee34b5c68795e246734b76d70,93b64bef8cd4074806d981ed1b4c38c3ae0542e3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[981dd162b63578aee34b5c68795e246734b76d70,aba54a5a113667df9d339f4192650f6bc27e9d1f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[981dd162b63578aee34b5c68795e246734b76d70,4baaddaa44af01cd4ce239493060738fd0881835)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.18"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.18)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.17,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.7,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0-rc2,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-29T00:45:31.123743+00:00", "value": {"mitigation_remediation": ["Upgrade to a Linux kernel that includes commit 4baaddaa44af01, which restores proper of_node_put handling in bq257xx_reg_dt_parse_gpio().", "If an upgrade is not immediately possible, remove or disable the bq257xx regulator entry from the device tree to prevent the vulnerable function from executing.", "Apply kernel hardening by enabling CONFIG_DEBUG_KERNEL or using static analysis tools to enforce correct reference counting, following CWE\u2011772 best practices."], "summary": {"action": "Apply Patch", "impact": "Reference Leak Leading to Resource Exhaustion"}, "threat_synthesis": {"affected_systems": "The vulnerability is present in any Linux kernel that includes the bq257xx regulator source without the patch that restores proper of_node_put handling. According to the CPE data, affected versions include 6.18 and all 7.0 release candidates up to rc7. Any distribution or embedded platform that builds the kernel from those sources without applying the commit is at risk.", "description_and_impact": "A bug in the Linux kernel regulator driver for the bq257xx series introduces a reference\u2011counting error when parsing device\u2011tree GPIO nodes. In bq257xx_reg_dt_parse_gpio(), an early return caused by a missing subchild omits a call to of_node_put(child), leaking an object reference. The resulting leak accumulates with repeated device\u2011tree scans and is classified under CWE\u2011772. While the CVSS score of 5.5 indicates moderate severity, the flaw could, over time, exhaust kernel memory and lead to a denial\u2011of\u2011service condition.", "risk_and_exploitability": "The EPSS score of less than 1% and the absence of a CISA KEV listing suggest a low probability of widespread exploitation. However, exploitation would require an attacker to trigger the vulnerable code path, which likely necessitates local or privileged access to modify firmware or supply a crafted device tree entry. Because the description does not detail an attack vector, it is inferred that local attacker controls are needed to realize the resource\u2011exhaustion impact."}}}}, "created": "2026-03-25T21:15:15.231127+00:00", "updated": "2026-04-29T01:00:11.325124+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}