CVE-2026-43045

MEDIUM

mshv: Fix error handling in mshv_region_pin

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshv_region_pin The current error handling has two issues: First, pin_user_pages_fast() can return a short pin count (less than requested but greater than zero) when it cannot pin all requested pages. This is treated as success, leading to partially pinned regions being used, which causes memory corruption. Second, when an error occurs mid-loop, already pinned pages from the current batch are not properly accounted for before calling mshv_region_invalidate_pages(), causing a page reference leak. Treat short pins as errors and fix partial batch accounting before cleanup.

References (2)

Core 2

Core References

https://git.kernel.org/stable/c/a7d149152bc5a9119854331c57be35ad31fdf5cc

https://git.kernel.org/stable/c/c0e296f257671ba10249630fe58026f29e4804d9

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (10)

Linux/Linux < 6.15

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - a7d149152bc5a9119854331c57be35ad31fdf5cc

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - c0e296f257671ba10249630fe58026f29e4804d9

Linux/Linux 6.15

Linux/Linux 6.19.12 - 6.19.*

Linux/Linux 621191d709b14882270dfd8ea5d7d6cdfebe2c35 - a7d149152bc5a9119854331c57be35ad31fdf5cc

Linux/Linux 621191d709b14882270dfd8ea5d7d6cdfebe2c35 - c0e296f257671ba10249630fe58026f29e4804d9

Linux/Linux 7.0

linux/linux_kernel 7.0 rc1 (4 CPE variants)

linux/linux_kernel 6.15 - 6.19.12

Published May 01, 2026

Tracked Since May 01, 2026