CVE-2026-45870

NONE EPSS 5.6%
Published May 27, 2026 (1mo ago) · Modified Jun 17, 2026 (1w ago)

Description

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

The gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() functions allocate memory via gssx_dec_buffer(), which calls kmemdup(). When a subsequent decode operation fails, these functions return immediately without freeing previously allocated buffers, causing memory leaks.

The leak in gssx_dec_ctx() is particularly relevant because the caller (gssp_accept_sec_context_upcall) initializes several buffer length fields to non-zero values, resulting in memory allocation:

    struct gssx_ctx rctxh = {
        .exported_context_token.len = GSSX_max_output_handle_sz,
        .mech.len = GSS_OID_MAX_LEN,
        .src_name.display_name.len = GSSX_max_princ_sz,
        .targ_name.display_name.len = GSSX_max_princ_sz
    };

If, for example, gssx_dec_name() succeeds for src_name but fails for targ_name, the memory allocated for exported_context_token, mech, and src_name.display_name remains unreferenced and cannot be reclaimed.

Add error handling with goto-based cleanup to free any previously allocated buffers before returning an error.
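The early-return leak and the goto-based cleanup described above, as an added user-space example that is not the kernel source or the upstream patch. The struct layout, dec_buffer(), free_buf(), the live counter and the forced targ_name failure are assumptions made for illustration.

```c
#include <stdlib.h>
/* User-space model with hypothetical names; not the kernel source. */
struct buf { void *data; };
struct ctx { struct buf token, mech, src_name, targ_name; };
static int live; /* buffers allocated and not yet freed */

/* Stand-in for gssx_dec_buffer(): allocates, or fails when fail is set. */
static int dec_buffer(struct buf *b, int fail)
{
    if (fail || !(b->data = calloc(1, 16)))
        return -1;
    live++;
    return 0;
}
static void free_buf(struct buf *b) { if (b->data) { free(b->data); b->data = NULL; live--; } }

/* Before the fix: every failure returns at once, dropping earlier buffers. */
static int dec_ctx_leaky(struct ctx *c, int fail_targ)
{
    if (dec_buffer(&c->token, 0)) return -1;
    if (dec_buffer(&c->mech, 0)) return -1;
    if (dec_buffer(&c->src_name, 0)) return -1;
    return dec_buffer(&c->targ_name, fail_targ);
}

/* After the fix: goto labels unwind in reverse order of allocation. */
static int dec_ctx_fixed(struct ctx *c, int fail_targ)
{
    if (dec_buffer(&c->token, 0)) return -1;
    if (dec_buffer(&c->mech, 0)) goto out_token;
    if (dec_buffer(&c->src_name, 0)) goto out_mech;
    if (dec_buffer(&c->targ_name, fail_targ)) goto out_src;
    return 0;
out_src:   free_buf(&c->src_name);
out_mech:  free_buf(&c->mech);
out_token: free_buf(&c->token);
    return -1;
}

/* Buffers still live after targ_name fails to decode (constructed failure). */
int live_after_failed_decode(int use_fixed)
{
    struct ctx c = {{0}};
    live = 0;
    if (use_fixed) dec_ctx_fixed(&c, 1); else dec_ctx_leaky(&c, 1);
    int n = live;
    free_buf(&c.token); free_buf(&c.mech); free_buf(&c.src_name);
    return n;
}
int main(void) { return live_after_failed_decode(1) != 0; }
```

In the kernel the caller has no remaining reference to these buffers once the decoder returns an error, which is why the cleanup has to happen inside the decode function itself.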

Threat Intelligence

EPSS Exploit Probability
5.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3b56eb90feb8a3709417f5624f3871847d42bcb1
  • git.kernel.org https://git.kernel.org/stable/c/3e6397b056335cc56ef0e9da36c95946a19f5118
  • git.kernel.org https://git.kernel.org/stable/c/64303b92d94c0c7845a273acd8d84b796d6f1db7
  • git.kernel.org https://git.kernel.org/stable/c/b4af3806846778799cd4ab0766dc18341e777264
  • git.kernel.org https://git.kernel.org/stable/c/c81431b1b9fbd21e9a5a9211b5517b7295d18e6a
  • git.kernel.org https://git.kernel.org/stable/c/caf7eff432e91a9eba1c79fa545c2f54be15d62b
  • git.kernel.org https://git.kernel.org/stable/c/d79b9097a6a2b91471b40755f1225364be5d85ff
  • git.kernel.org https://git.kernel.org/stable/c/df10f23defff22c8d55fe6db74f6e4ce927145bf

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.