CVE-2026-23030

CVSS v2.0

7.7

High

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the rockchip usb2phy probe() function related to a double free issue. The issue occurs due to multiple calls to of node put() which releases node pointers, leading to a double free when devm request threaded irq() fails. This flaw is present in the phy: rockchip: inno-usb2 component.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2026-04384

CVE-2026-23030

ECHO-C605-4F93-35FC

OPENSUSE-SU-2026:20416-1

SUSE-SU-2026:1573-1

SUSE-SU-2026:1661-1

SUSE-SU-2026:20838-1

SUSE-SU-2026:20931-1

SUSE-SU-2026:21114-1

SUSE-SU-2026:21123-1

SUSE-SU-2026:21255-1

SUSE-SU-2026:21284-1

USN-8278-1

USN-8289-1

USN-8296-1

Affected Products

Linux Kernel

Ubuntu

Rockchip

CVE-2026-23030

Weakness Enumeration

Related Identifiers

Affected Products

References · 735