CVE-2026-43064 - Vulnerability Details

- dmaengine: idxd: Fix not releasing workqueue on .release()

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix not releasing workqueue on .release()

The workqueue associated with an DSA/IAA device is not released when
the object is freed.

Published: 2026-05-05

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The kernel driver for idxd devices incorrectly fails to free the workqueue that is created during the device’s lifecycle. This omission means that the workqueue remains allocated even after the device object has been released, causing a resource leak within the kernel. If the leak persists, it can consume kernel memory, prevent further workqueue allocations, and potentially lead to system instability or service interruptions. The core weakness is improper resource deallocation, classifiable as a resource leak flaw (CWE‑391).

Affected Systems

All Linux kernel deployments that include the idxd DMA engine for DSA/IAA devices are affected. The issue is present wherever the kernel builds include the idxd driver; it is not limited to a specific vendor or version beyond the Linux kernel itself. If a system uses a custom kernel that omits the patch, the same risk applies.

Risk and Exploitability

The vulnerability lacks an accessible exploit vector in its public description, and no EPSS score or KEV listing is reported. However, because it manifests at the kernel level, a local account with sufficient privileges to add or remove DSA/IAA devices could trigger the leak. The absence of an EPSS or KEV indication suggests that widespread exploitation has not been observed yet, but the potential for denial of service exists if the kernel allocates workqueues until exhaustion. The risk is therefore moderate to high, especially in environments that frequently manage idxd devices.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< fd4cb61bbd0fc3a749a8da6145cbb56d8f6dba35
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< 2bb9e9e93adff9cc8a138ae9a3a8d59b3452272e
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< d02c24af126dee45247dc7890409c86d1831859d
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< 958e96533ddbd1edd127feb7624a7eed0cc379dc
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< fc34f199eb576b3a73089452fdf0056cc9a9301d
`47c16ac27d4cb664cee53ee0b9b7e2f907923fb3`	affected	< 3d33de353b1ff9023d5ec73b9becf80ea87af695
`3f0e87eb9680975184e98aed0e8866b4442a31f6`	affected	—
`a13e4cf29da68630a116c1309072a265ade9566d`	affected	—

Linux

affected

Version	Status	Constraints
`5.13`	affected	—
`0`	unaffected	< 5.13
`6.1.168`	unaffected	≤ 6.1.*
`6.6.131`	unaffected	≤ 6.6.*
`6.12.80`	unaffected	≤ 6.12.*
`6.18.21`	unaffected	≤ 6.18.*
`6.19.11`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,fd4cb61bbd0fc3a749a8da6145cbb56d8f6dba35)`	affected	code_commit	—
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,2bb9e9e93adff9cc8a138ae9a3a8d59b3452272e)`	affected	code_commit	—
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,d02c24af126dee45247dc7890409c86d1831859d)`	affected	code_commit	—
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,958e96533ddbd1edd127feb7624a7eed0cc379dc)`	affected	code_commit	—
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,fc34f199eb576b3a73089452fdf0056cc9a9301d)`	affected	code_commit	—
`[47c16ac27d4cb664cee53ee0b9b7e2f907923fb3,3d33de353b1ff9023d5ec73b9becf80ea87af695)`	affected	code_commit	—
`3f0e87eb9680975184e98aed0e8866b4442a31f6`	affected	code_commit	—
`a13e4cf29da68630a116c1309072a265ade9566d`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`5.13`	affected	semver	—
`[0,5.13)`	unaffected	semver	—
`[6.1.168,6.2.0)`	unaffected	semver	—
`[6.6.131,6.7.0)`	unaffected	semver	—
`[6.12.80,6.13.0)`	unaffected	semver	—
`[6.18.21,6.19.0)`	unaffected	semver	—
`[6.19.11,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a release that includes the fix for the idxd workqueue release bug
If an immediate upgrade is not feasible, disable or unload the idxd DSA/IAA module to prevent the creation of new workqueues
Monitor system memory and workqueue counts for abnormal growth, and schedule a kernel reboot if leaks are detected

Generated by OpenCVE AI on May 5, 2026 at 17:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/2bb9e9e93adff9cc8a138ae9a3a8d59b3452272e
https://git.kernel.org/stable/c/3d33de353b1ff9023d5ec73b9becf80ea87af695
https://git.kernel.org/stable/c/958e96533ddbd1edd127feb7624a7eed0cc379dc
https://git.kernel.org/stable/c/d02c24af126dee45247dc7890409c86d1831859d
https://git.kernel.org/stable/c/fc34f199eb576b3a73089452fdf0056cc9a9301d
https://git.kernel.org/stable/c/fd4cb61bbd0fc3a749a8da6145cbb56d8f6dba35

History

Tue, 05 May 2026 17:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-391

Tue, 05 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release() The workqueue associated with an DSA/IAA device is not released when the object is freed.
Title		dmaengine: idxd: Fix not releasing workqueue on .release()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2bb9e9e93adff9cc8a138ae9a3a8d59b3452272e https://git.kernel.org/stable/c/3d33de353b1ff9023d5ec73b9becf80ea87af695 https://git.kernel.org/stable/c/958e96533ddbd1edd127feb7624a7eed0cc379dc https://git.kernel.org/stable/c/d02c24af126dee45247dc7890409c86d1831859d https://git.kernel.org/stable/c/fc34f199eb576b3a73089452fdf0056cc9a9301d https://git.kernel.org/stable/c/fd4cb61bbd0fc3a749a8da6145cbb56d8f6dba35

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-05T15:23:24.687Z

Updated: 2026-05-05T15:23:24.687Z

Reserved: 2026-05-01T14:12:55.981Z

Link: CVE-2026-43064

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-05T16:16:15.567

Modified: 2026-05-05T16:16:15.567

Link: CVE-2026-43064

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-05T19:45:25Z

Weaknesses

CWE-391

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object