Description
In the Linux kernel, the following vulnerability has been resolved:

net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup

In setup_nic_devices(), the initialization loop jumps to the label
setup_nic_dev_free on failure. The current cleanup loop while(i--)
skip the failing index i, causing a memory leak.

Fix this by changing the loop to iterate from the current index i
down to 0.

Compile tested only. Issue found using code review.
Published: 2026-03-18
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An off‑by‑one error in the liquidio driver’s VF setup_nic_devices() cleanup loop causes a memory leak when device initialization fails. Because the loop incorrectly skips the failing index, the driver does not release the allocated resources, potentially allowing an attacker or a faulty request to accumulate unreleased memory over time and degrade system stability or availability.

Affected Systems

The vulnerability exists in the Linux kernel, affecting versions that include the liquidio networking driver. Specific version details are not listed in the advisory, so any kernel build that contains the liquidio driver at the time of the defect is potentially impacted.

Risk and Exploitability

The CVSS score of 5.5 indicates a moderate impact, and the EPSS score is below 1%, suggesting a very low probability of exploitation in the wild. The vulnerability is not currently listed in CISA’s KEV catalog. The nature of the flaw is a memory leak, which requires a failure during VF device setup to be triggered. While this does not directly lead to code execution, repeated exploitation could exhaust kernel memory or cause service interruptions. No publicly available exploitation vector is documented, so the risk is primarily theoretical under normal operating conditions.

Generated by OpenCVE AI on May 21, 2026 at 01:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the upstream kernel patch that corrects the off‑by‑one cleanup loop in liquidio.
  • Rebuild and install the updated kernel, ensuring that the new version is active.
  • If the liquidio driver is not required, temporarily disable it to prevent the cleanup loop from executing.

Generated by OpenCVE AI on May 21, 2026 at 01:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-8278-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-8289-1 Linux kernel (NVIDIA) vulnerabilities
History

Thu, 21 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-193
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*

Thu, 26 Mar 2026 14:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-590
CWE-665

Wed, 25 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-590
CWE-665

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401
CWE-682

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401
CWE-682

Thu, 19 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Wed, 18 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip the failing index i, causing a memory leak. Fix this by changing the loop to iterate from the current index i down to 0. Compile tested only. Issue found using code review.
Title net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:03:20.564Z

Reserved: 2026-01-13T15:37:45.990Z

Link: CVE-2026-23256

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-03-18T18:16:23.817

Modified: 2026-05-21T00:13:21.407

Link: CVE-2026-23256

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-03-18T00:00:00Z

Links: CVE-2026-23256 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-21T02:00:11Z

Weaknesses