Buffer Cleanup Issue in Linux Kernel Affecting Google Ethernet Driver
CVE-2026-23386

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 March 2026

What is CVE-2026-23386?

In the Linux kernel, a flaw in the Google Ethernet Driver's handling of buffer cleanup in DQ-QPL mode has been detected. The issue arises during the execution of the gve_tx_clean_pending_packets function, which improperly utilizes the RDA buffer cleanup method. This mismanagement orchestrates two significant problems: First, the DMA array's shared storage with tx_qpl_buf_ids leads to the incorrect interpretation of buffer IDs as DMA addresses, resulting in errors when unmapping memory. Second, the num_bufs value in QPL mode, which can count significantly higher than the size of the DMA array, leads to potential out-of-bounds access warnings. As a solution, a more rigorous check for QPL mode has been recommended, to ensure proper buffer reclamation through the gve_free_tx_qpl_bufs function.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux a6fb8d5a8b6925f1e635818d3dd2d89531d4a058 < 71511dae56a75ce161aa746741e5c498feaea393

Linux a6fb8d5a8b6925f1e635818d3dd2d89531d4a058

Linux a6fb8d5a8b6925f1e635818d3dd2d89531d4a058 < 07e0c80e17ef781799e7cd5c41a7bf44f1bf6a5f

References

https://git.kernel.org/stable/c/71511dae56a75ce161aa74674...
https://git.kernel.org/stable/c/c171f90f58974c784db25e060...
https://git.kernel.org/stable/c/07e0c80e17ef781799e7cd5c4...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.