CVE-2026-53278
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
26/06/2026
Última modificación:
30/06/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
arm_mpam: Check whether the config array is allocated before destroying it<br />
<br />
__destroy_component_cfg() is called to free the configuration array.<br />
It uses the embedded &#39;garbage&#39; structure, which means the array has<br />
to be allocated.<br />
<br />
If __destroy_component_cfg() is called from mpam_disable() before the<br />
configuration was ever allocated, then a NULL pointer is dereferenced.<br />
<br />
Check for this case and return early if the configuration is not<br />
allocated.<br />
<br />
__destroy_component_cfg() also frees the mbwu_state as this is allocated<br />
by __allocate_component_cfg(). As the mbwu_state is allocated after<br />
comp->cfg is set, and is also under mpam_list_lock, only the first<br />
pointer needs checking.



