CVE-2026-23030

{"id": "CVE-2026-23030", "cveTags": [], "metrics": {}, "published": "2026-01-31T12:16:06.313", "references": [{"url": "https://git.kernel.org/stable/c/027d42b97e6eb827c3438ebc09bab7efaee9270d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e07dea3de508cd6950c937cec42de7603190e1ca", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ebae26dd15140b840cf65be5e1c0daee949ba70b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/efe92ee7a111fe0f4d75f3ed6b7e3f86322279d5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()\n\nThe for_each_available_child_of_node() calls of_node_put() to\nrelease child_np in each success loop. After breaking from the\nloop with the child_np has been released, the code will jump to\nthe put_child label and will call the of_node_put() again if the\ndevm_request_threaded_irq() fails. These cause a double free bug.\n\nFix by returning directly to avoid the duplicate of_node_put()."}], "lastModified": "2026-02-03T16:44:36.630", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}