Description
In the Linux kernel, the following vulnerability has been resolved:

net: lan966x: fix page pool leak in error paths

lan966x_fdma_rx_alloc() creates a page pool but does not destroy it if
the subsequent fdma_alloc_coherent() call fails, leaking the pool.

Similarly, lan966x_fdma_init() frees the coherent DMA memory when
lan966x_fdma_tx_alloc() fails but does not destroy the page pool that
was successfully created by lan966x_fdma_rx_alloc(), leaking it.

Add the missing page_pool_destroy() calls in both error paths.
Published: 2026-04-24
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory Exhaustion / Denial of Service
Action: Patch
AI Analysis

Impact

A memory leak was found in the Linux kernel's lan966x network driver. During driver initialization a page pool is created but is not destroyed if a later DMA allocation fails. This causes leaked kernel memory that can accumulate and potentially exhaust available memory, leading to a denial‑of‑service condition. The weakness is a classic resource‑exhaustion flaw, captured by CWE-401 (Memory Leak) and CWE-772 (Missing Release of Resource).

Affected Systems

The problem affects the Linux kernel in general and specifically applies to kernel releases 6.2 and 7.0 from release candidate 1 through 7 that include the lan966x driver. Any system running these kernel versions without the patch is vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, while the EPSS score of less than 1% suggests that exploitation is currently rare. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker would need to trigger a DMA allocation failure, which could be done by sending malformed or high‑volume traffic to the NIC, or by generating conditions that cause the driver to fail. Successful exploitation would lead to kernel memory exhaustion and service interruption. Local or privileged access to the device is likely required for reliable exploitation.

Generated by OpenCVE AI on April 28, 2026 at 20:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a kernel update that includes the lan966x driver fix
  • Reboot the system so the patched driver is loaded
  • If an immediate kernel upgrade is not possible, temporarily disable the lan966x network interface or unload the driver to prevent the memory leak until a patch can be installed

Generated by OpenCVE AI on April 28, 2026 at 20:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-6238-1 linux security update
History

Mon, 27 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401
CPEs cpe:2.3:o:linux:linux_kernel:6.2:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 25 Apr 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References

Fri, 24 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966x_fdma_rx_alloc() creates a page pool but does not destroy it if the subsequent fdma_alloc_coherent() call fails, leaking the pool. Similarly, lan966x_fdma_init() frees the coherent DMA memory when lan966x_fdma_tx_alloc() fails but does not destroy the page pool that was successfully created by lan966x_fdma_rx_alloc(), leaking it. Add the missing page_pool_destroy() calls in both error paths.
Title net: lan966x: fix page pool leak in error paths
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:12:49.302Z

Reserved: 2026-03-09T15:48:24.127Z

Link: CVE-2026-31645

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-24T15:16:43.873

Modified: 2026-04-27T20:19:07.337

Link: CVE-2026-31645

cve-icon Redhat

Severity :

Publid Date: 2026-04-24T00:00:00Z

Links: CVE-2026-31645 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T20:15:26Z

Weaknesses