CVE-2026-45954 - Vulnerability Details

- fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()

In au1200fb_drv_probe(), when platform_get_irq fails(), it directly
returns from the function with an error code, which causes a memory
leak.

Replace it with a goto label to ensure proper cleanup.

Published: 2026-05-27

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`49e435ca02c797e6e877bb79a9c3c3f580462fdb`	affected	< 81831d56b723bc1090ce3158feddaca88e85f939
`2400ae8fd86d0dfb67bdff6e206b090b0606bbf4`	affected	< 071d8fb757a8318f72c8e02898c2cf7e14e21fb6
`50e4b32d2e58b7487ebb0a16d5de9cbde56f7949`	affected	< bd1ad63e11b2a568e98de536f319054d2de29f56
`4e88761f5f8c7869f15a2046b1a1116f4fab4ac8`	affected	< 3e5349e54113e2dce1a659c57935e18032742e56
`4e88761f5f8c7869f15a2046b1a1116f4fab4ac8`	affected	< 762a26818934241b8b0172a229d2cf5d87260e40
`4e88761f5f8c7869f15a2046b1a1116f4fab4ac8`	affected	< 3d4202ee6494c0d576cdc104b12e0834ca8136a8
`4e88761f5f8c7869f15a2046b1a1116f4fab4ac8`	affected	< b024a8efee0f55d330a1cdd3eac8f79ac5acd3be
`4e88761f5f8c7869f15a2046b1a1116f4fab4ac8`	affected	< ce4e25198a6aaaaf36248edf8daf3d744ec8e309
`5cf4447039ef335768a6e61208ff2eebf1884f53`	affected	—
`9386ddd88480a1b838c92ef1677a4768c8914505`	affected	—
`b07e31824df61c8866ab549a49e35826ea42609c`	affected	—
`b492d371c6225d95f8ee34cac0eb40b58f5c5023`	affected	—
`5.10.188`	affected	< 5.10.252
`5.15.123`	affected	< 5.15.202
`6.1.42`	affected	< 6.1.165
`4.14.322`	affected	< 4.15
`4.19.291`	affected	< 4.20
`5.4.251`	affected	< 5.5
`6.4.7`	affected	< 6.5

Linux

affected

Version	Status	Constraints
`6.5`	affected	—
`0`	unaffected	< 6.5
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.14`	unaffected	≤ 6.18.*
`6.19.4`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.5:-::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc7::::::

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[49e435ca02c797e6e877bb79a9c3c3f580462fdb,81831d56b723bc1090ce3158feddaca88e85f939)`	affected	code_commit	—
`[2400ae8fd86d0dfb67bdff6e206b090b0606bbf4,071d8fb757a8318f72c8e02898c2cf7e14e21fb6)`	affected	code_commit	—
`[50e4b32d2e58b7487ebb0a16d5de9cbde56f7949,bd1ad63e11b2a568e98de536f319054d2de29f56)`	affected	code_commit	—
`[4e88761f5f8c7869f15a2046b1a1116f4fab4ac8,3e5349e54113e2dce1a659c57935e18032742e56)`	affected	code_commit	—
`[4e88761f5f8c7869f15a2046b1a1116f4fab4ac8,762a26818934241b8b0172a229d2cf5d87260e40)`	affected	code_commit	—
`[4e88761f5f8c7869f15a2066b1a1116f4fab4ac8,3d4202ee6494c0d576cdc104b12e0834ca8136a8)`	affected	code_commit	—
`[4e88761f5f8c7869f15a2066b1a1116f4fab4ac8,b024a8efee0f55d330a1cdd3eac8f79ac5acd3be)`	affected	code_commit	—
`[4e88761f5f8c7869f15a2046b1a1116f4fab4ac8,ce4e25198a6aaaaf36248edf8daf3d744ec8e309)`	affected	code_commit	—
`5cf4447039ef335768a6e61208ff2eebf1884f53`	affected	code_commit	—
`9386ddd88480a1b838c92ef1677a4768c8914505`	affected	code_commit	—
`b07e31824df61c8866ab549a49e35826ea42609c`	affected	code_commit	—
`b492d371c6225d95f8ee34cac0eb40b58f5c5023`	affected	code_commit	—
`[5.10.188,5.10.252)`	affected	semver	—
`[5.15.123,5.15.202)`	affected	semver	—
`[6.1.42,6.1.165)`	affected	semver	—
`[4.14.322,4.15)`	affected	generic	—
`[4.19.291,4.20)`	affected	generic	—
`[5.4.251,5.5)`	affected	generic	—
`[6.4.7,6.5)`	affected	generic	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.5`	affected	generic	—
`[0,6.5)`	unaffected	generic	—
`[5.10.252,6.0.0)`	unaffected	semver	—
`[5.15.202,6.0.0)`	unaffected	semver	—
`[6.1.165,6.2.0)`	unaffected	semver	—
`[6.6.128,6.7.0)`	unaffected	semver	—
`[6.12.75,6.13.0)`	unaffected	semver	—
`[6.18.14,6.19.0)`	unaffected	semver	—
`[6.19.4,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-4606-1	linux security update

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00122.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/071d8fb757a8318f72c8e02898c2cf7e14e21fb6
https://git.kernel.org/stable/c/3d4202ee6494c0d576cdc104b12e0834ca8136a8
https://git.kernel.org/stable/c/3e5349e54113e2dce1a659c57935e18032742e56
https://git.kernel.org/stable/c/762a26818934241b8b0172a229d2cf5d87260e40
https://git.kernel.org/stable/c/81831d56b723bc1090ce3158feddaca88e85f939
https://git.kernel.org/stable/c/b024a8efee0f55d330a1cdd3eac8f79ac5acd3be
https://git.kernel.org/stable/c/bd1ad63e11b2a568e98de536f319054d2de29f56
https://git.kernel.org/stable/c/ce4e25198a6aaaaf36248edf8daf3d744ec8e309
https://lore.kernel.org/linux-cve-announce/2026052732-CVE-2026-45954-5d56@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-45954
https://www.cve.org/CVERecord?id=CVE-2026-45954

History

Tue, 16 Jun 2026 06:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:6.5:-:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc7::::::
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Thu, 28 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-401

Thu, 28 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-772
References		https://lore.kernel.org/linux-cve-announce/2026052732-CVE-2026-45954-5d56@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-45954 https://www.cve.org/CVERecord?id=CVE-2026-45954

Wed, 27 May 2026 17:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() In au1200fb_drv_probe(), when platform_get_irq fails(), it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure proper cleanup.
Title		fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/071d8fb757a8318f72c8e02898c2cf7e14e21fb6 https://git.kernel.org/stable/c/3d4202ee6494c0d576cdc104b12e0834ca8136a8 https://git.kernel.org/stable/c/3e5349e54113e2dce1a659c57935e18032742e56 https://git.kernel.org/stable/c/762a26818934241b8b0172a229d2cf5d87260e40 https://git.kernel.org/stable/c/81831d56b723bc1090ce3158feddaca88e85f939 https://git.kernel.org/stable/c/b024a8efee0f55d330a1cdd3eac8f79ac5acd3be https://git.kernel.org/stable/c/bd1ad63e11b2a568e98de536f319054d2de29f56 https://git.kernel.org/stable/c/ce4e25198a6aaaaf36248edf8daf3d744ec8e309

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:18:10.004Z

Updated: 2026-05-27T12:18:10.004Z

Reserved: 2026-05-13T15:03:33.088Z

Link: CVE-2026-45954

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-05-27T14:17:11.917

Modified: 2026-06-17T10:52:47.327

Link: CVE-2026-45954

Redhat

Severity :

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45954 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-18T00:15:03Z

Weaknesses

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object