Error Handling Vulnerability in Linux Kernel's mshv Component
CVE-2026-43045

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43045?

The Linux kernel contains an error handling vulnerability within the mshv component, specifically in the pin_user_pages_fast function. This vulnerability arises from improper management of pinned pages, where a short pin count can be incorrectly treated as successful. This oversight can result in the usage of partially pinned memory regions, leading to memory corruption. Furthermore, if an error occurs during the pinning process, the control flow fails to adequately track already pinned pages, resulting in a page reference leak. Addressing these issues involves treating short pins as failures and ensuring accurate accounting of pinned pages during error conditions.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 6.19.12 <= 6.19.*

References

https://git.kernel.org/stable/c/a7d149152bc5a9119854331c5...

https://git.kernel.org/stable/c/c0e296f257671ba10249630fe...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43045 Data

JSON