{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53121", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.386Z", "datePublished": "2026-06-24T16:30:51.294Z", "dateUpdated": "2026-06-24T16:30:51.294Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-24T16:30:51.294Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\namd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()\n\nOn failure to set the epp, the function amd_pstate_epp_cpu_init()\nreturns with an error code without freeing the cpudata object that was\nallocated at the beginning of the function.\n\nEnsure that the cpudata object is freed before returning from the\nfunction.\n\nThis memory leak was discovered by Claude Opus 4.6 with the aid of\nChris Mason's AI review-prompts\n(https://github.com/masoncl/review-prompts/tree/main/kernel)."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/cpufreq/amd-pstate.c"], "versions": [{"version": "f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec", "lessThan": "539aabbab190825c77eb455ec35652cb3720625f", "status": "affected", "versionType": "git"}, {"version": "f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec", "lessThan": "7f9aa2359742eaa6ea65ec0d20dafdfd0add9b8b", "status": "affected", "versionType": "git"}, {"version": "f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec", "lessThan": "beda3b363546a423e4e29a7395e04c0ac4ff677e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/cpufreq/amd-pstate.c"], "versions": [{"version": "6.14", "status": "affected"}, {"version": "0", "lessThan": "6.14", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/539aabbab190825c77eb455ec35652cb3720625f"}, {"url": "https://git.kernel.org/stable/c/7f9aa2359742eaa6ea65ec0d20dafdfd0add9b8b"}, {"url": "https://git.kernel.org/stable/c/beda3b363546a423e4e29a7395e04c0ac4ff677e"}], "title": "amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: amd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()", "id": "2492392", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492392"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-772", "details": ["In the Linux kernel, the following vulnerability has been resolved:\namd-pstate: Fix memory leak in amd_pstate_epp_cpu_init()\nOn failure to set the epp, the function amd_pstate_epp_cpu_init()\nreturns with an error code without freeing the cpudata object that was\nallocated at the beginning of the function.\nEnsure that the cpudata object is freed before returning from the\nfunction.\nThis memory leak was discovered by Claude Opus 4.6 with the aid of\nChris Mason's AI review-prompts\n(https://github.com/masoncl/review-prompts/tree/main/kernel).", "A flaw was found in the Linux kernel's amd-pstate driver. When the amd_pstate_epp_cpu_init() function fails to set the Energy Performance Preference (EPP), it does not properly free a previously allocated data object. This oversight leads to a memory leak, which could result in resource exhaustion over time and potentially cause a Denial of Service (DoS) condition on the affected system."], "name": "CVE-2026-53121", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53121\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53121\nhttps://lore.kernel.org/linux-cve-announce/2026062416-CVE-2026-53121-f105@gregkh/T"], "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec,539aabbab190825c77eb455ec35652cb3720625f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec,7f9aa2359742eaa6ea65ec0d20dafdfd0add9b8b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f9a378ff6443cdcd4387e5dbb76fa5fa549a83ec,beda3b363546a423e4e29a7395e04c0ac4ff677e)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.14"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.14)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[6.18.33,7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0.10,8.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-24T21:15:16.184621+00:00", "updated": "2026-06-27T03:30:10.768889+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}