Off-by-One Error in Linux Kernel's NIC Device Setup by LiquidIO
CVE-2026-23256

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 March 2026

What is CVE-2026-23256?

A vulnerability exists in the Linux kernel's handling of NIC device initialization within the LiquidIO framework. The problem arises during the setup_nic_devices() process, where an off-by-one error occurs. Specifically, the loop intended for cleanup skips the current index when a failure occurs, resulting in a memory leak. This issue can lead to resource exhaustion and degraded performance due to unfreed memory. A patch has been implemented to iterate correctly from the failing index down to zero, ensuring proper cleanup and resource management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch