Skip to main content

Linux Kernel EUVDEUVD-2026-28768

| CVE-2026-43462 HIGH
2026-05-08 Linux GHSA-2xr2-hxv5-9jxf
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative
Red Hat
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
May 11, 2026 - 08:38 vuln.today
CVSS changed
May 11, 2026 - 08:22 NVD
7.5 (HIGH)
Patch available
May 08, 2026 - 16:18 EUVD
CVE Published
May 08, 2026 - 14:22 nvd
UNKNOWN (no severity yet)
CVE Published
May 08, 2026 - 14:22 nvd
HIGH 7.5

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

net: spacemit: Fix error handling in emac_tx_mem_map()

The DMA mappings were leaked on mapping error. Free them with the existing emac_free_tx_buf() function.

AnalysisAI

DMA mapping resource leaks in the Linux kernel's spacemit Ethernet MAC driver (emac_tx_mem_map function) allow remote attackers to trigger denial of service through network traffic that causes mapping errors, progressively exhausting kernel memory resources. The vulnerability affects Linux kernel versions 6.18.x through 6.19.9, with vendor patches available for stable branches 6.18.19, 6.19.9, and 7.0. EPSS exploitation probability is very low (0.02%, 4th percentile), and no public exploit or active exploitation has been identified at time of analysis.

Technical ContextAI

This vulnerability resides in the spacemit Ethernet MAC (EMAC) driver's transmit path, specifically the emac_tx_mem_map() function responsible for mapping transmit buffers to DMA-accessible memory. When DMA mapping operations fail due to resource exhaustion, memory pressure, or IOMMU issues, the function did not properly invoke the cleanup routine emac_free_tx_buf() to release already-mapped DMA regions. This creates a resource leak where failed mappings accumulate, gradually consuming kernel DMA mapping resources and potentially leading to system-wide network stack failure. The spacemit EMAC driver supports SpacemiT's SoC Ethernet controllers, commonly found in embedded Linux systems and networking appliances. The fix ensures proper error path cleanup by calling the existing emac_free_tx_buf() destructor when mapping errors occur, preventing progressive resource depletion.

RemediationAI

Upgrade to patched Linux kernel versions: 6.18.19 or later for the 6.18 stable branch, 6.19.9 or later for 6.19 branch, or 7.0 and above for mainline. Patches are available from the Linux stable tree at https://git.kernel.org/stable/c/c34ebd7b24ea70be3c6fdb6936f79f593f37df60 (6.18 branch), https://git.kernel.org/stable/c/edeaba385318f60ec1b32470da4d5eb800294d16 (6.19 branch), and https://git.kernel.org/stable/c/86292155bea578ebab0ca3b65d4d87ecd8a0e9ea (mainline). For systems unable to immediately patch, configure kernel memory management with aggressive DMA mapping resource limits (reduce net.core.netdev_max_backlog, lower txqueuelen on spacemit interfaces) to prevent complete resource exhaustion, though this may impact network throughput by 15-30% under high load. Monitor kernel logs for 'DMA mapping error' messages from spacemit_emac driver as an indicator of exploitation attempts or resource pressure. Consider temporarily disabling spacemit network interfaces and using alternative NICs if available, though this requires hardware redundancy. No configuration-only workaround fully mitigates the leak without the kernel patch.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-28768 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy