CVE-2026-23023

MEDIUM

Linux kernel - Memory Corruption

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 (size 4096): comm "kworker/u258:5", pid 7732, jiffies 4296830044 hex dump (first 32 bytes): 00 00 00 00 00 10 00 00 00 10 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 ................ backtrace (crc 3da81902): __kmalloc_cache_noprof+0x469/0x7a0 idpf_send_get_rx_ptype_msg+0x90/0x570 [idpf] idpf_init_task+0x1ec/0x8d0 [idpf] process_one_work+0x226/0x6d0 worker_thread+0x19e/0x340 kthread+0x10f/0x250 ret_from_fork+0x251/0x2b0 ret_from_fork_asm+0x1a/0x30

References (3)

[Patch] https://git.kernel.org/stable/c/a4212d6732e3f674c6cc7d0b642f276d827e8f94

[Patch] https://git.kernel.org/stable/c/ec602a2a4071eb956d656ba968c58fee09f0622d

[Patch] https://git.kernel.org/stable/c/f6242b354605faff263ca45882b148200915a3f6

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (13)

linux/Kernel 6.13.0 - 6.18.6linux

linux/Kernel 6.7.0 - 6.12.66linux

Linux/Linux < 6.7

Linux/Linux 0fe45467a1041ea3657a7fa3a791c84c104fbd34 - a4212d6732e3f674c6cc7d0b642f276d827e8f94

Linux/Linux 0fe45467a1041ea3657a7fa3a791c84c104fbd34 - ec602a2a4071eb956d656ba968c58fee09f0622d

Linux/Linux 0fe45467a1041ea3657a7fa3a791c84c104fbd34 - f6242b354605faff263ca45882b148200915a3f6

Linux/Linux 6.12.66 - 6.12.*

Linux/Linux 6.18.6 - 6.18.*

Linux/Linux 6.19

Linux/Linux 6.7

... and 3 more

Published Jan 31, 2026

Tracked Since Feb 18, 2026