Skip to main content

Linux EUVDEUVD-2026-15339

| CVE-2026-23360 MEDIUM
Memory Leak (CWE-401)
2026-03-25 Linux
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
5.2 MEDIUM
qualitative
Red Hat
5.5 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
Apr 24, 2026 - 19:07 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 10:45 euvd
EUVD-2026-15339
Analysis Generated
Mar 25, 2026 - 10:45 vuln.today
CVE Published
Mar 25, 2026 - 10:27 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

nvme: fix admin queue leak on controller reset

When nvme_alloc_admin_tag_set() is called during a controller reset, a previous admin queue may still exist. Release it properly before allocating a new one to avoid orphaning the old queue.

This fixes a regression introduced by commit 03b3bcd319b3 ("nvme: fix admin request_queue lifetime").

AnalysisAI

This vulnerability is a resource leak in the Linux kernel's NVMe driver where the admin queue is not properly released during controller reset operations. Systems running affected Linux kernel versions are vulnerable to denial of service through memory exhaustion when NVMe controllers reset repeatedly. While no active exploitation in the wild has been reported and CVSS/EPSS scores are not yet published, the issue affects all Linux distributions and is resolved through kernel patching with fixes available across multiple stable branches.

Technical ContextAI

The vulnerability exists in the NVMe (Non-Volatile Memory Express) subsystem of the Linux kernel, specifically in the admin tag set allocation logic during controller reset sequences. The affected code is referenced in the Linux kernel codebase (CPE: cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*), where the nvme_alloc_admin_tag_set() function was introduced as part of commit 03b3bcd319b3 intended to fix admin request_queue lifetime management. However, this change introduced a regression: when a controller reset occurs and nvme_alloc_admin_tag_set() is called, any previously existing admin queue is not properly deallocated before the new one is allocated. This is a resource management issue analogous to CWE-401 (Missing Release of Memory after Effective Lifetime) or CWE-772 (Missing Release of Resource after Effective Lifetime), where system memory and queue structures persist beyond their intended scope, degrading system stability over time.

RemediationAI

Apply the Linux kernel security update containing the fix by upgrading to a patched kernel version incorporating one of the four cited commits (64f87b96de0e645a4c066c7cffd753f334446db6, e159eb852aeee95443a9458ecb7d072bbb689913, 8eb2b3cdcd9b6631b94b82c1f4f6bc32b40d942f, or b84bb7bd913d8ca2f976ee6faf4a174f91c02b8d). Most Linux distributions have released patched kernels through their standard update channels—run apt update && apt upgrade (Debian/Ubuntu), yum update (CentOS/RHEL), or dnf upgrade (Fedora) to obtain the latest kernel. After patching, reboot to load the new kernel. For systems unable to reboot immediately, minimize NVMe controller resets by avoiding unnecessary device hotplug operations and power transitions until patching is complete. Verify the patch is applied by checking the kernel version and confirming the presence of the fix commit in the kernel changelog.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye not-affected - -
bullseye (security) fixed 5.10.251-1 -
bookworm not-affected - -
bookworm (security) fixed 6.1.164-1 -
trixie vulnerable 6.12.73-1 -
trixie (security) vulnerable 6.12.74-2 -
forky, sid fixed 6.19.8-1 -
(unstable) fixed 6.19.8-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-15339 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy