CVE-2026-23301 — Vulnetix

CVE-2026-23301 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently find_sdca_entity_iot() can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation.

EPSS 0.02% · 5.5th percentile

Risk Scores

EPSS Score

0.02%

5.5th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	*, 7.0-rc3, 48fa77af2f4a55ab961520f2a0e50560dc0baca8
linux	linux_kernel	6.19, 6.19, 6.19

Exploit Intelligence

https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd (circl)
https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386 (circl)

Timeline

Mar 25, 2026 EPSS Score
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 29, 2026 Security Advisory
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score
May 25, 2026 EPSS Score

References

https://git.kernel.org/stable/c/bdcc10a86055beb7109a786d94abf5626f375bbd url
https://git.kernel.org/stable/c/27990181031fdcdbe0f7c46011f6404e5d116386 url
https://nvd.nist.gov/vuln/detail/CVE-2026-23301 advisory

Open in Interactive Console →