CVE-2026-45925 PUBLISHED

thermal/of: Fix reference leak in thermal_of_cm_lookup()

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

thermal/of: Fix reference leak in thermal_of_cm_lookup()

In thermal_of_cm_lookup(), tr_np is obtained via of_parse_phandle(), but never released.

Use the __free(device_node) cleanup attribute to automatically release the node and fix the leak.

[ rjw: Changelog edits ]

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from e11df3bffde16fd3b6843aadfb921b5be0f8b55a to 8af710156c53cdb392d529497ef2b3a10a1f9370 (excl.)
  • affected from 423de5b5bc5b267586b449abd1c4fde562aa0cf9 to 8344d5da9df74fdbef676214d0c482fc822a01ca (excl.)
  • affected from 423de5b5bc5b267586b449abd1c4fde562aa0cf9 to 025796ccd7f9f2e013e12319de26b6c021a80c1f (excl.)
  • affected from 423de5b5bc5b267586b449abd1c4fde562aa0cf9 to a1fe789a96fe47733c133134fd264cb7ca832395 (excl.)
  • Version a1e9e19a70eed67a69ca697368739ea1a3ba5780 is affected
  • affected from 6.12.18 to 6.12.75 (excl.)
  • affected from 6.13.6 to 6.14 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.14 is affected
  • unaffected from 0 to 6.14 (excl.)
  • unaffected from 6.12.75 to 6.12.* (incl.)
  • unaffected from 6.18.14 to 6.18.* (incl.)
  • unaffected from 6.19.4 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References