{ "affected": [ { "ranges": [ { "events": [ { "introduced": "981dd162b63578aee34b5c68795e246734b76d70" }, { "fixed": "93b64bef8cd4074806d981ed1b4c38c3ae0542e3" }, { "fixed": "aba54a5a113667df9d339f4192650f6bc27e9d1f" }, { "fixed": "4baaddaa44af01cd4ce239493060738fd0881835" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] }, { "package": { "ecosystem": "Linux", "name": "Kernel" }, "ranges": [ { "events": [ { "introduced": "6.18.0" }, { "fixed": "6.18.17" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.19.0" }, { "fixed": "6.19.7" } ], "type": "ECOSYSTEM" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23314.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()\n\nIn bq257xx_reg_dt_parse_gpio(), if fails to get subchild, it returns\nwithout calling of_node_put(child), causing the device node reference\nleak.", "id": "CVE-2026-23314", "modified": "2026-04-01T23:08:26.302075594Z", "published": "2026-03-25T10:27:09.383Z", "references": [ { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/4baaddaa44af01cd4ce239493060738fd0881835" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/93b64bef8cd4074806d981ed1b4c38c3ae0542e3" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/aba54a5a113667df9d339f4192650f6bc27e9d1f" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23314.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23314" } ], "schema_version": "1.7.3", "summary": "regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio()" }