CVE-2026-45888

CVE-2026-45888CVE-2026-45888

linux / linux_kernel

Description

In the Linux kernel, the following vulnerability has been resolved: md/raid1: fix memory leak in raid1_run() raid1_run() calls setup_conf() which registers a thread via md_register_thread(). If raid1_set_limits() fails, the previously registered thread is not unregistered, resulting in a memory leak of the md_thread structure and the thread resource itself. Add md_unregister_thread() to the error path to properly cleanup the thread, which aligns with the error handling logic of other paths in this function. Compile tested only. Issue found using a prototype static analysis tool and code review.

Scoring

CVSS 5.5 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Last modified2026-06-25
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.