CVE-2026-31645

MEDIUM

net: lan966x: fix page pool leak in error paths

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966x_fdma_rx_alloc() creates a page pool but does not destroy it if the subsequent fdma_alloc_coherent() call fails, leaking the pool. Similarly, lan966x_fdma_init() frees the coherent DMA memory when lan966x_fdma_tx_alloc() fails but does not destroy the page pool that was successfully created by lan966x_fdma_rx_alloc(), leaking it. Add the missing page_pool_destroy() calls in both error paths.

References (4)

https://git.kernel.org/stable/c/73e940c4249dc5ec6422d1fae535d192fb125955

https://git.kernel.org/stable/c/22e1ee9f22b5c3bb702bb6d4167d770002a85b2b

https://git.kernel.org/stable/c/4941e234cfd67ac911fb259642b453f9f76aac41

https://git.kernel.org/stable/c/076344a6ad9d1308faaed1402fdcfdda68b604ab

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (13)

Linux/Linux < 6.2

Linux/Linux 11871aba19748b3387e83a2db6360aa7119e9a1a - 076344a6ad9d1308faaed1402fdcfdda68b604ab

Linux/Linux 11871aba19748b3387e83a2db6360aa7119e9a1a - 22e1ee9f22b5c3bb702bb6d4167d770002a85b2b

Linux/Linux 11871aba19748b3387e83a2db6360aa7119e9a1a - 4941e234cfd67ac911fb259642b453f9f76aac41

Linux/Linux 11871aba19748b3387e83a2db6360aa7119e9a1a - 73e940c4249dc5ec6422d1fae535d192fb125955

Linux/Linux 6.12.82 - 6.12.*

Linux/Linux 6.18.23 - 6.18.*

Linux/Linux 6.19.13 - 6.19.*

Linux/Linux 6.2

Linux/Linux 7.0

... and 3 more

Published Apr 24, 2026

Tracked Since Apr 24, 2026