Medium severity5.5NVD Advisory· Published Mar 18, 2026· Updated May 21, 2026
CVE-2026-23257
CVE-2026-23257
Description
In the Linux kernel, the following vulnerability has been resolved:
net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup
In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip the failing index i, causing a memory leak.
Fix this by changing the loop to iterate from the current index i down to 0.
Also, decrement i in the devlink_alloc failure path to point to the last successfully allocated index.
Compile tested only. Issue found using code review.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=4.2,<5.10.250
- cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*
- (no CPE)
- (no CPE)range: 4.2
Patches
Vulnerability mechanics
References
7- git.kernel.org/stable/c/293eaad0d6d6b2a37a458c7deb7be345349cd963nvdPatch
- git.kernel.org/stable/c/8558aef4e8a1a83049ab906d21d391093cfa7e7fnvdPatch
- git.kernel.org/stable/c/a0d2389c8cdc1f05de5eb8663bffe9ed05dca769nvdPatch
- git.kernel.org/stable/c/af38d9a5cb49fe9d0d282b44f17fdc1f3270d99dnvdPatch
- git.kernel.org/stable/c/d86c58eb005eb99da402452f3db7a6e0eae32815nvdPatch
- git.kernel.org/stable/c/f1216b80c9040a904d2ad7c8cd24ca0ff1f36932nvdPatch
- git.kernel.org/stable/c/f86bd16280a0f88b538394e0565c56ce4756da99nvdPatch
News mentions
0No linked articles in our index yet.