CVE-2026-23030

Jan. 31, 2026, 12:16 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_put() to release child_np in each success loop. After breaking from the loop with the child_np has been released, the code will jump to the put_child label and will call the of_node_put() again if the devm_request_threaded_irq() fails. These cause a double free bug. Fix by returning directly to avoid the duplicate of_node_put().

Product(s) Impacted

Vendor Product Versions
Linux
  • Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux kernel / / / / / / / /

References

https://git.kernel.org/stable/c/027d42b97e6eb827c3438ebc09bab7efaee9270d
https://git.kernel.org/stable/c/e07dea3de508cd6950c937cec42de7603190e1ca
https://git.kernel.org/stable/c/ebae26dd15140b840cf65be5e1c0daee949ba70b
https://git.kernel.org/stable/c/efe92ee7a111fe0f4d75f3ed6b7e3f86322279d5

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-01-31
CVE-2026-23030

Timeline

Published: Jan. 31, 2026, 12:16 p.m.
Last Modified: Jan. 31, 2026, 12:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.