CVE-2026-23015

EUVD-2026-5079
In the Linux kernel, the following vulnerability has been resolved:

gpio: mpsse: fix reference leak in gpio_mpsse_probe() error paths

The reference obtained by calling usb_get_dev() is not released in the
gpio_mpsse_probe() error paths. Fix that by using device managed helper
functions. Also remove the usb_put_dev() call in the disconnect function
since now it will be released automatically.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.159-1
not-affected
bookworm (security)
6.1.162-1
fixed
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.249-1
fixed
forky
6.18.9-1
fixed
sid
6.18.12-1
fixed
trixie
6.12.63-1
not-affected
trixie (security)
6.12.73-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1e876e5a0875e71e34148c9feb2eedd3bf6b2b43
https://git.kernel.org/stable/c/7ea26e6dcabc270433b6ded2a1aee85b215d1b28