CVE-2026-23164

MEDIUM5.5

rocker: fix memory leak in rocker_world_port_post_fini()

Published Feb 14, 2026

Modified 2 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

rocker: fix memory leak in rocker_world_port_post_fini()

In rocker_world_port_pre_init(), rocker_port->wpriv is allocated with kzalloc(wops->port_priv_size, GFP_KERNEL). However, in rocker_world_port_post_fini(), the memory is only freed when wops->port_post_fini callback is set:

if (!wops->port_post_fini)
    return;
wops->port_post_fini(rocker_port);
kfree(rocker_port->wpriv);

Since rocker_ofdpa_ops does not implement port_post_fini callback (it is NULL), the wpriv memory allocated for each port is never freed when ports are removed. This leads to a memory leak of sizeof(struct ofdpa_port) bytes per port on every device removal.

Fix this by always calling kfree(rocker_port->wpriv) regardless of whether the port_post_fini callback exists.

References

https://git.kernel.org/stable/c/2a3a64d75d2d0727da285749476761ebcad557a3

https://git.kernel.org/stable/c/8ce2e85889939c02740b4245301aa5c35fc94887

https://git.kernel.org/stable/c/8d7ba71e46216b8657a82ca2ec118bc93812a4d0

https://git.kernel.org/stable/c/b11e6f926480ab0939fec44781f28558c54be4e7

https://git.kernel.org/stable/c/d448bf96889f1905e740c554780f5c9fa0440566

https://git.kernel.org/stable/c/d8723917efda3b4f4c3de78d1ec1e1af015c0be1

https://git.kernel.org/stable/c/dce375f4afc348c310d171abcde7ec1499a4c26a

https://www.cve.org/CVERecord?id=CVE-2026-23164

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedFeb 14, 2026

ModifiedFeb 14, 2026

CVE-2026-23164 | Mondoo Vulnerability Intelligence