CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved:

of: unittest: fix use-after-free in testdrv probe()

The function testdrv probe() retrieves the device node from the PCI device, applies an overlay, and then immediately calls of node put(dn). This releases the reference held by the PCI core, potentially freeing the node if the reference count drops to zero. Later, the same freed pointer 'dn' is passed to of platform default populate(), leading to a use-after-free.

The reference to pdev->dev.of node is owned by the device model and should not be released by the driver. Remove the erroneous of node put() to prevent premature freeing.