Skip to main content

Linux EUVDEUVD-2026-12890

| CVE-2026-23258 MEDIUM
Memory Leak (CWE-401)
2026-03-18 Linux
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
3.3 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
May 29, 2026 - 19:07 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 18, 2026 - 18:00 euvd
EUVD-2026-12890
Analysis Generated
Mar 18, 2026 - 18:00 vuln.today
CVE Published
Mar 18, 2026 - 17:41 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

net: liquidio: Initialize netdev pointer before queue setup

In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this structure is stored in oct->props[i].netdev only after the calls to netif_set_real_num_rx_queues() and netif_set_real_num_tx_queues().

If either of these functions fails, setup_nic_devices() returns an error without freeing the allocated netdev. Since oct->props[i].netdev is still NULL at this point, the cleanup function liquidio_destroy_nic_device() will fail to find and free the netdev, resulting in a memory leak.

Fix this by initializing oct->props[i].netdev before calling the queue setup functions. This ensures that the netdev is properly accessible for cleanup in case of errors.

Compile tested only. Issue found using a prototype static analysis tool and code review.

AnalysisAI

A memory leak vulnerability exists in the Linux kernel's Liquidio network driver within the setup_nic_devices() function where the netdev pointer is not initialized in the oct->props[i].netdev structure before calling queue setup functions. If netif_set_real_num_rx_queues() or netif_set_real_num_tx_queues() fail, the allocated netdev memory is not freed because the cleanup function liquidio_destroy_nic_device() cannot locate it via the NULL pointer. This affects all Linux kernel versions with the Liquidio driver and allows for memory exhaustion through repeated device initialization failures.

Technical ContextAI

The vulnerability resides in the Liquidio network driver (liquidio) in the Linux kernel, specifically in the setup_nic_devices() function. The affected product is the Linux kernel itself (cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*). The root cause is a resource management error where the order of operations causes a netdev_alloc structure allocated via alloc_etherdev_mq() to become orphaned if subsequent queue configuration calls fail. The driver fails to properly track allocated resources before performing operations that may fail, violating secure resource initialization patterns. This is fundamentally a memory management issue in kernel driver code that handles network device initialization for Cavium Liquidio network adapters.

RemediationAI

Update the Linux kernel to a patched version containing one of the seven committed fixes referenced in the git.kernel.org stable branches (commits be109646cdae, c81a8515fb8c, a0e57c0b68c9, c0ed6c77ec34, 1d4590fde856, d028147ae064, or 926ede0c85e1). For systems using Liquidio network adapters, apply the latest stable kernel update for your currently supported kernel series through your Linux distribution's package management system. As a temporary mitigation pending kernel updates, minimize the number of times network devices are hot-plugged or reinitialized on systems with Liquidio adapters, and monitor system memory pressure for unexplained growth that might indicate resource leaks from failed device initialization attempts. Refer to https://git.kernel.org/stable/ for the specific patches applicable to your kernel version.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye fixed 5.10.251-1 -
bullseye (security) fixed 5.10.251-1 -
bookworm fixed 6.1.164-1 -
bookworm (security) fixed 6.1.164-1 -
trixie fixed 6.12.73-1 -
trixie (security) fixed 6.12.74-2 -
forky fixed 6.19.6-2 -
sid fixed 6.19.8-1 -
(unstable) fixed 6.18.10-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-12890 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy