CVE-2026-23257

MEDIUM EPSS 1.8%
Published Mar 18, 20263mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Mar 18, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip the failing index i, causing a memory leak. Fix this by changing the loop to iterate from the current index i down to 0. Also, decrement i in the devlink_alloc failure path to point to the last successfully allocated index. Compile tested only. Issue found using code review.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
1.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-193

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥4.2  –  <5.10.250
linuxlinux_kernel*≥5.11  –  <5.15.200
linuxlinux_kernel*≥5.16  –  <6.1.163
linuxlinux_kernel*≥6.2  –  <6.6.124
linuxlinux_kernel*≥6.7  –  <6.12.70
linuxlinux_kernel*≥6.13  –  <6.18.10
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/293eaad0d6d6b2a37a458c7deb7be345349cd963
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8558aef4e8a1a83049ab906d21d391093cfa7e7f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a0d2389c8cdc1f05de5eb8663bffe9ed05dca769
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af38d9a5cb49fe9d0d282b44f17fdc1f3270d99d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d86c58eb005eb99da402452f3db7a6e0eae32815
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1216b80c9040a904d2ad7c8cd24ca0ff1f36932
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f86bd16280a0f88b538394e0565c56ce4756da99
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/293eaad0d6d6b2a37a458c7deb7be345349cd963
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8558aef4e8a1a83049ab906d21d391093cfa7e7f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a0d2389c8cdc1f05de5eb8663bffe9ed05dca769
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af38d9a5cb49fe9d0d282b44f17fdc1f3270d99d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d86c58eb005eb99da402452f3db7a6e0eae32815
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1216b80c9040a904d2ad7c8cd24ca0ff1f36932
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f86bd16280a0f88b538394e0565c56ce4756da99
    Patch