Description
In the Linux kernel, the following vulnerability has been resolved:

idpf: fix memory leak in idpf_vport_rel()

Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory
during a reset. Reported by kmemleak:

unreferenced object 0xff450acac838a000 (size 4096):
comm "kworker/u258:5", pid 7732, jiffies 4296830044
hex dump (first 32 bytes):
00 00 00 00 00 10 00 00 00 10 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 ................
backtrace (crc 3da81902):
__kmalloc_cache_noprof+0x469/0x7a0
idpf_send_get_rx_ptype_msg+0x90/0x570 [idpf]
idpf_init_task+0x1ec/0x8d0 [idpf]
process_one_work+0x226/0x6d0
worker_thread+0x19e/0x340
kthread+0x10f/0x250
ret_from_fork+0x251/0x2b0
ret_from_fork_asm+0x1a/0x30
Published: 2026-01-31
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory exhaustion
Action: Patch Now
AI Analysis

Impact

The Linux kernel idpf driver contains a defect where the function idpf_vport_rel fails to free the rx_ptype_lkup data structure, causing a memory leak that is triggered during a reset. The leak accumulates a 4 KiB object for every vport removed, potentially exhausting system memory over time. The vulnerability is catalogued as CWE‑401 and is not known to allow code execution or privilege escalation.

Affected Systems

The flaw is present in the idpf driver code path that is compiled for the Linux kernel. It affects the kernel builds listed in the CPEs, notably 6.7 and all 6.19 release candidates up to rc8. Systems running any of these kernel versions that use the idpf driver are at risk; the issue does not affect other drivers or kernel components.

Risk and Exploitability

The CVSS base score is 5.5, indicating potential for moderate impact if memory exhaustion leads to degraded performance or a kernel panic. The EPSS score of less than 1% suggests that exploitation is unlikely, and the vulnerability is not listed in CISA’s KEV catalog. Attackers would need privileged kernel execution and an environment where the idpf driver is reset frequently to trigger the leak. Given the low exploit probability, patching remains the recommended approach.

Generated by OpenCVE AI on April 18, 2026 at 00:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the kernel to a version that includes the fix—any release newer than 6.19‑rc8 or at least 6.8 will contain the corrected idpf_vport_rel logic.
  • If an immediate kernel upgrade is not feasible, disable or unload the idpf driver on hosts where it is not required, or configure network interfaces to avoid frequent resets that would trigger the leak.
  • Run kernel memory checks (e.g., kmemleak or dmesg) to monitor for orphaned objects and confirm that the leak no longer appears after applying the patch or disabling the driver.

Generated by OpenCVE AI on April 18, 2026 at 00:56 UTC.
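The kmemleak check recommended above can be scripted. The following is an added example, not code from OpenCVE or the kernel project: it parses kmemleak reports and totals unreferenced objects per allocating idpf function. The function names are hypothetical, and the sample reuses the report from the Description with a constructed second object and a constructed unrelated record.

```python
import re
from collections import defaultdict

# Constructed sample: the report from the CVE description (hex dump omitted),
# a made-up second object standing in for a second reset, and an unrelated leak.
SAMPLE = """\
unreferenced object 0xff450acac838a000 (size 4096):
  comm "kworker/u258:5", pid 7732, jiffies 4296830044
  backtrace (crc 3da81902):
    __kmalloc_cache_noprof+0x469/0x7a0
    idpf_send_get_rx_ptype_msg+0x90/0x570 [idpf]
    idpf_init_task+0x1ec/0x8d0 [idpf]
unreferenced object 0xff450acac83a1000 (size 4096):
  comm "kworker/u258:7", pid 7801, jiffies 4296991210
  backtrace (crc 3da81902):
    __kmalloc_cache_noprof+0x469/0x7a0
    idpf_send_get_rx_ptype_msg+0x90/0x570 [idpf]
    idpf_init_task+0x1ec/0x8d0 [idpf]
unreferenced object 0xff450acab0000000 (size 64):
  comm "modprobe", pid 412, jiffies 4294900000
  backtrace (crc 11111111):
    __kmalloc_noprof+0x100/0x200
    example_probe+0x20/0x80 [example]
"""

HEADER = re.compile(r"^unreferenced object (0x[0-9a-f]+) \(size (\d+)\):")
# Frame: optional "[<addr>]" prefix, symbol+offset/size, optional "[module]".
FRAME = re.compile(
    r"^\s*(?:\[<[0-9a-f]+>\]\s+)?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")

def parse_kmemleak(text):
    """Return a list of {'addr', 'size', 'frames': [(symbol, module)]} records."""
    records = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            records.append({"addr": m.group(1), "size": int(m.group(2)), "frames": []})
        elif records and (f := FRAME.match(line)):
            records[-1]["frames"].append((f.group(1), f.group(2)))
    return records

def leaks_by_allocator(records, module="idpf"):
    """Total leaked objects and bytes, keyed by the first frame inside `module`."""
    totals = defaultdict(lambda: {"objects": 0, "bytes": 0})
    for rec in records:
        site = next((sym for sym, mod in rec["frames"] if mod == module), None)
        if site:
            totals[site]["objects"] += 1
            totals[site]["bytes"] += rec["size"]
    return dict(totals)
```

On a kernel built with CONFIG_DEBUG_KMEMLEAK, write `scan` to /sys/kernel/debug/kmemleak, read the same file back and pass its contents to `parse_kmemleak`. A count for `idpf_send_get_rx_ptype_msg` that grows across resets indicates the unpatched driver.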


Advisories
Source | ID | Title
Debian DSA | DSA-6126-1 | linux security update

History

Wed, 25 Mar 2026 16:00:00 +0000

Weaknesses
  Added: CWE-401
CPEs
  Added:
    cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:6.7:-:*:*:*:*:*:*
Metrics
  Removed: cvssV3_1 {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}
  Added: cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Mon, 02 Feb 2026 12:15:00 +0000

References
Metrics
  Removed: threat_severity None
  Added: cvssV3_1 {'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}
  Added: threat_severity Important


Sat, 31 Jan 2026 11:45:00 +0000

Description
  Added: same text as the Description section at the top of this page
Title
  Added: idpf: fix memory leak in idpf_vport_rel()
First Time appeared
  Added: Linux; Linux linux Kernel
CPEs
  Added: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products
  Added: Linux; Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:37:17.049Z

Reserved: 2026-01-13T15:37:45.941Z

Link: CVE-2026-23023

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-01-31T12:16:05.617

Modified: 2026-03-25T15:57:49.213

Link: CVE-2026-23023

Redhat

Severity: Important

Public Date: 2026-01-31T00:00:00Z

Links: CVE-2026-23023 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T01:00:11Z

Weaknesses