Description
In the Linux kernel, the following vulnerability has been resolved:

net: liquidio: Initialize netdev pointer before queue setup

In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq().
However, the pointer to this structure is stored in oct->props[i].netdev
only after the calls to netif_set_real_num_rx_queues() and
netif_set_real_num_tx_queues().

If either of these functions fails, setup_nic_devices() returns an error
without freeing the allocated netdev. Since oct->props[i].netdev is still
NULL at this point, the cleanup function liquidio_destroy_nic_device()
will fail to find and free the netdev, resulting in a memory leak.

Fix this by initializing oct->props[i].netdev before calling the queue
setup functions. This ensures that the netdev is properly accessible for
cleanup in case of errors.

Compile tested only. Issue found using a prototype static analysis tool
and code review.
Published: 2026-03-18
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

The Linux kernel liquidio driver allocates a network device but defers storing its pointer until queue configuration calls. If queue setup fails, the allocated structure is not freed because cleanup expects the pointer to be set. This results in a kernel memory leak that can accumulate over time and eventually exhaust kernel memory, leading to system instability or a denial of service.

Affected Systems

The flaw resides in the liquidio networking driver of the Linux kernel. Any kernel release that incorporates this driver and contains the affected code path is potentially vulnerable. No specific version range is provided, so administrators should verify whether their kernel contains the commit that addresses the issue.

Risk and Exploitability

The vulnerability carries a moderate severity rating. Exploitation would likely require local or elevated privileges to trigger the faulty device setup, such as manipulating NIC configuration. The attack surface is limited to the kernel; there is no arbitrary code execution path. The low probability of public exploitation and absence from known exploited catalogs suggest a lower likelihood of immediate risk, but repeated failures can lead to resource exhaustion.

Generated by OpenCVE AI on March 27, 2026 at 21:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel patch that initializes the netdev pointer before queue setup.
  • Verify that your running kernel contains the commit that addresses the issue; if not, plan a kernel upgrade.
  • If an update is not immediately available, monitor kernel memory usage and avoid repeated liquidio NIC configuration until patched.

Generated by OpenCVE AI on March 27, 2026 at 21:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 29 Mar 2026 20:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 27 Mar 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-399

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-399

Thu, 26 Mar 2026 14:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 25 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 19 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate

Wed, 18 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq(). However, the pointer to this structure is stored in oct->props[i].netdev only after the calls to netif_set_real_num_rx_queues() and netif_set_real_num_tx_queues(). If either of these functions fails, setup_nic_devices() returns an error without freeing the allocated netdev. Since oct->props[i].netdev is still NULL at this point, the cleanup function liquidio_destroy_nic_device() will fail to find and free the netdev, resulting in a memory leak. Fix this by initializing oct->props[i].netdev before calling the queue setup functions. This ensures that the netdev is properly accessible for cleanup in case of errors. Compile tested only. Issue found using a prototype static analysis tool and code review.
Title net: liquidio: Initialize netdev pointer before queue setup
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-03-18T17:41:05.080Z

Reserved: 2026-01-13T15:37:45.990Z

Link: CVE-2026-23258

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-18T18:16:24.167

Modified: 2026-03-19T13:25:00.570

Link: CVE-2026-23258

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-03-18T00:00:00Z

Links: CVE-2026-23258 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-29T20:29:01Z

Weaknesses