CVE-2026-23301

EUVD-2026-15236
In the Linux kernel, the following vulnerability has been resolved:

ASoC: SDCA: Add allocation failure check for Entity name

Currently find_sdca_entity_iot() can allocate a string for the
Entity name but it doesn't check if that allocation succeeded.
Add the missing NULL check after the allocation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.7
linuxlinux_kernel
7.0:rc1
linuxlinux_kernel
7.0:rc2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.94-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386
https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd