Memory Leak in Airoha QDMA RX Process Affects Linux Kernel
CVE-2026-43102

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43102?

A vulnerability in the Linux kernel's airoha QDMA RX process can lead to a memory leak under specific error conditions. When errors occur related to the non-linear parts of the socket buffer (skb), such as incorrect payload lengths from the network interface controller (NIC) or exhaustion of available fragments, the page_pool fragment fails to return to the pool. This oversight in handling memory management can lead to inefficient resource use, necessitating timely updates to mitigate potential exploitation. System administrators are encouraged to implement the recent fixes that address this issue by ensuring that the page_pool_put_full_page routine is executed in the error handling path for the airoha_qdma_rx_process.

Affected Version(s)

Linux d6d2b0e1538d5c381ec0ca95afaf772c096ea5dc < 4429b761874fb9c7767d12d98913a467ef2654f1

Linux d6d2b0e1538d5c381ec0ca95afaf772c096ea5dc < 7ee0063fbab8aea8f4e4e3165f541bf898b77b80

Linux d6d2b0e1538d5c381ec0ca95afaf772c096ea5dc < 285fa6b1e03cff78ead0383e1b259c44b95faf90

References

https://git.kernel.org/stable/c/4429b761874fb9c7767d12d98...

https://git.kernel.org/stable/c/7ee0063fbab8aea8f4e4e3165...

https://git.kernel.org/stable/c/285fa6b1e03cff78ead0383e1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43102 Data

JSON