CVE-2026-23256

net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label
setup_nic_dev_free on failure. The current cleanup loop while(i--)
skip the failing index i, causing a memory leak. Fix this by changing the loop to iterate from the current index i
down to 0. Compile tested only. Issue found using code review.

En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: net: liquidio: Corrección de error de uno en la limpieza de VF setup_nic_devices() En setup_nic_devices(), el bucle de inicialización salta a la etiqueta setup_nic_dev_free en caso de fallo. El bucle de limpieza actual while(i--) omite el índice i que falla, causando una fuga de memoria. Esto se corrige cambiando el bucle para que itere desde el índice actual i hasta 0. Solo probado en compilación. Problema encontrado mediante revisión de código.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2026-01-13 CVE Reserved
2026-03-18 CVE Published
2026-04-19 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/846b46873eeb3baf40f7e6d8fe8f98aec95e7727	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/bd680e56e316be92c01568be98d85d7a6c9bd92c	2026-02-11
https://git.kernel.org/stable/c/01fbca1e93ec3f39f76c31a8f9afa32ce00da48a	2026-02-11
https://git.kernel.org/stable/c/71a56b89203ec7e5670d94a61a9b4ae617eca804	2026-02-11
https://git.kernel.org/stable/c/3bf519e39b51cb08a93c0599870b35a23db1031e	2026-02-11
https://git.kernel.org/stable/c/52b19b3a22306fe452ec9e8ff96063f4bfb77b99	2026-02-11
https://git.kernel.org/stable/c/4640fa5ad5e1a0dbd1c2d22323b7d70a8107dcfd	2026-02-11
https://git.kernel.org/stable/c/6cbba46934aefdfb5d171e0a95aec06c24f7ca30	2026-01-30

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.10.250 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.10.250"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.15.200 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.15.200"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.1.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.1.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.6.124 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.6.124"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.12.70 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.12.70"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.18.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.18.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.19"		en		Affected