What is GHSA-45hw-xggf-p88g?

GHSA-45hw-xggf-p88g is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix...

Which CVE IDs does GHSA-45hw-xggf-p88g cover?

GHSA-45hw-xggf-p88g covers the following CVE IDs: CVE-2026-23464. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-45hw-xggf-p88g?

GHSA-45hw-xggf-p88g has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-45hw-xggf-p88gMediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix...

Vendor

GitHub Security Advisories

Published

April 3, 2026

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2026-23464 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()

In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails, the function returns immediately without freeing the allocated memory for sys_controller, leading to a memory leak.

Fix this by jumping to the out_free label to ensure the memory is properly freed.

Also, consolidate the error handling for the mbox_request_channel() failure case to use the same label.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-23464
https://git.kernel.org/stable/c/17c84fb7cf3971cc621646185d785670e9530ca1
https://git.kernel.org/stable/c/5a741f8cc6fe62542f955cd8d24933a1b6589cbd
https://git.kernel.org/stable/c/da4b44c42f40501db35f5d0a6243708a061490a0
https://git.kernel.org/stable/c/e3dd5cffba07de6574165a72851471cd42cc6d15
https://github.com/advisories/GHSA-45hw-xggf-p88g