Description
In the Linux kernel, the following vulnerability has been resolved:

LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy()

In kvm_ioctl_create_device(), kvm_device has allocated memory,
kvm_device->destroy() seems to be supposed to free its kvm_device
struct, but kvm_eiointc_destroy() is not currently doing this, that
would lead to a memory leak.

So, fix it.
Published: 2026-01-31
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Memory Leak in KVM device creation leading to resource exhaustion
Action: Apply Patch
AI Analysis

Impact

The Linux kernel for LoongArch contains a flaw in the KVM subsystem where the kvm_eiointc_destroy routine fails to free the allocated kvm_device structure. When a KVM device is created and subsequently destroyed, the unused memory remains allocated, causing a kernel memory leak. This gradual memory consumption can degrade overall system performance and, if left unchecked, may contribute to a denial‑of‑service condition by exhausting available kernel memory.
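The ownership contract described above, as an added user-space model in C (not the kernel's code and not the fix commit): the create path allocates the device object, and the type's destroy callback is the only place that can release it. All names (model_dev, model_ops, run_cycles) and the 4-slot pool standing in for kernel memory are assumptions made for illustration.

```c
/* User-space model (constructed, not kernel code); all names are hypothetical. */
#include <stdio.h>
#include <string.h>
#define POOL_SLOTS 4 /* fixed pool stands in for finite kernel memory */
struct model_dev;
struct model_ops { void (*destroy)(struct model_dev *dev); };
struct model_dev { const struct model_ops *ops; int in_use; int state_live; };
static struct model_dev pool[POOL_SLOTS];

/* Create path: allocates the device object; ownership passes to ops. */
static struct model_dev *model_create(const struct model_ops *ops)
{
    for (int i = 0; i < POOL_SLOTS; i++) {
        if (pool[i].in_use)
            continue;
        pool[i] = (struct model_dev){ .ops = ops, .in_use = 1, .state_live = 1 };
        return &pool[i];
    }
    return NULL; /* pool exhausted */
}

/* Before: tears down device state, never releases the device object. */
static void destroy_leaky(struct model_dev *dev) { dev->state_live = 0; }
/* After: same teardown, then releases what the create path allocated. */
static void destroy_fixed(struct model_dev *dev) { dev->state_live = 0; dev->in_use = 0; }
static const struct model_ops leaky_ops = { destroy_leaky };
static const struct model_ops fixed_ops = { destroy_fixed };

/* From an empty pool, run create/destroy pairs; slots still held, or -1 on failed create. */
static int run_cycles(const struct model_ops *ops, int cycles)
{
    int held = 0;
    memset(pool, 0, sizeof(pool));
    for (int i = 0; i < cycles; i++) {
        struct model_dev *dev = model_create(ops);
        if (!dev)
            return -1;
        dev->ops->destroy(dev);
    }
    for (int i = 0; i < POOL_SLOTS; i++)
        held += pool[i].in_use;
    return held;
}

int main(void)
{
    printf("fixed=%d leaky=%d\n", run_cycles(&fixed_ops, 100), run_cycles(&leaky_ops, POOL_SLOTS));
    return 0;
}
```

With the leaky callback every create/destroy pair strands one object, so the pool is spent after POOL_SLOTS cycles and the next create fails; with the fixed callback the count of held slots stays at zero no matter how many cycles run.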

Affected Systems

All Linux kernel builds that support the LoongArch architecture and include the KVM eiointc device code prior to the patch commit 7d8553fc75aefa7ec936af0cf8443ff90b51732e are affected. The affected product is the Linux kernel (LoongArch variant). Any distribution using a kernel version that has not incorporated this fix is at risk.

Risk and Exploitability

With an EPSS score of less than 1%, the probability of active exploitation is very low and the flaw is not listed in the CISA KEV catalog, indicating no known exploits. The vulnerability does not provide direct remote code execution; the likely attack vector requires an attacker with the privilege to invoke kvm_ioctl_create_device and trigger repeated device creations and deletions, which would exhaust memory over time. Overall, the risk is low but can lead to resource exhaustion if unmitigated.

Generated by OpenCVE AI on April 18, 2026 at 00:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that includes the fix (any release that contains commit 7d8553fc75aefa7ec936af0cf8443ff90b51732e).
  • If a kernel upgrade is not immediately possible, apply the patch from the kernel repository by cherry-picking commit 7d8553fc75aefa7ec936af0cf8443ff90b51732e (or its equivalent) into the current kernel tree and recompiling.
  • Consider restricting KVM device creation privileges on the host (e.g., limit the use of kvm_ioctl_create_device to trusted users or remove the eiointc device entirely) until the kernel can be updated.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 01:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-401

Tue, 03 Feb 2026 00:15:00 +0000


Sat, 31 Jan 2026 12:00:00 +0000

Type | Values Removed | Values Added
Description | | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_eiointc_destroy() is not currently doing this, that would lead to a memory leak. So, fix it.
Title | | LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy()
First Time appeared | | Linux; Linux linux Kernel
CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products | | Linux; Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:37:23.573Z

Reserved: 2026-01-13T15:37:45.942Z

Link: CVE-2026-23029

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-01-31T12:16:06.217

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23029

Redhat

Severity :

Public Date: 2026-01-31T00:00:00Z

Links: CVE-2026-23029 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T01:00:11Z

Weaknesses