CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved:

arm mpam: Check whether the config array is allocated before destroying it

destroy component cfg() is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated.

If destroy component cfg() is called from mpam disable() before the configuration was ever allocated, then a NULL pointer is dereferenced.

Check for this case and return early if the configuration is not allocated.

destroy component cfg() also frees the mbwu state as this is allocated by allocate component cfg(). As the mbwu state is allocated after comp->cfg is set, and is also under mpam list lock, only the first pointer needs checking.