Memory Leak Vulnerability in Linux Kernel i2c Implementation by The Linux Foundation
CVE-2026-43457

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 May 2026

What is CVE-2026-43457?

A memory leak vulnerability exists in the i2c subsystem of the Linux kernel, where newly allocated socket buffers (skbs) may not be released correctly when the 'allow_rx' flag is set to false. This oversight can lead to resource exhaustion and potential performance degradation. When the network interface receives packets and the flag dictates that reception is disabled, the allocated skb should be freed directly instead of being processed. The associated patches address this issue to ensure proper memory management, preventing unnecessary memory occupancy during operation.

Affected Version(s)

Linux f5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 0fb2adbdd5c03e8c9ebcdc48afd414b2724c85eb

Linux f5b8abf9fc3dacd7529d363e26fe8230935d65f8

Linux f5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 9f81be2ab9d8e4744871bfb3e868ef413413829f

References

https://git.kernel.org/stable/c/0fb2adbdd5c03e8c9ebcdc48a...

https://git.kernel.org/stable/c/d7900a43b0a314a645ca0a2ad...

https://git.kernel.org/stable/c/9f81be2ab9d8e4744871bfb3e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43457 Data

JSON