VYPR
Unrated severity · NVD Advisory · Published May 5, 2026 · Updated May 6, 2026

CVE-2026-43064

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Fix not releasing workqueue on .release()

The workqueue associated with a DSA/IAA device is not released when the object is freed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's idxd driver, a workqueue is not released when a DSA/IAA device object is freed, leading to resource leakage.

Vulnerability Overview

CVE-2026-43064 is a resource leak vulnerability in the Linux kernel's dmaengine: idxd driver. The bug occurs when a workqueue associated with a DSA (Data Streaming Accelerator) or IAA (Integrity and Data Accelerator) device is not released when the device object is freed via the .release() method [1][2]. This omission causes the workqueue to persist after the device has been deallocated, wasting kernel memory and potentially preventing proper cleanup of related resources.

Exploitation Context

The vulnerability is triggered during normal device removal or driver unload operations. No special authentication is required beyond the ability to trigger a device removal (e.g., unbinding the driver or physically removing a device). An attacker with local access and sufficient privileges to manage hardware devices could repeatedly create and destroy DSA/IAA devices to exhaust system memory. The attack surface is local, requiring access to the host system.

Impact

An attacker who exploits this bug can cause a denial of service (DoS) by exhausting kernel memory through accumulated unreleased workqueues. Each unreleased workqueue consumes memory and kernel object references, so system stability may degrade until a reboot is required. The vulnerability does not directly allow privilege escalation or arbitrary code execution.

Mitigation

Patches for this issue have been committed to the Linux kernel stable tree [1][2][3][4]. Administrators should update to kernels containing these commits. No workaround is available for unpatched systems; removal of DSA/IAA devices should be avoided until the fix is applied.

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
