CVE-2026-23028 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_ipi_destroy() is not currently doing this, that would lead to a memory leak. So, fix it.

PUBLISHED Reserved 2026-01-13 | Published 2026-01-31 | Updated 2026-02-09 | Assigner Linux

Product status

Default status

unaffected

c532de5a67a70f8533d495f8f2aaa9a0491c3ad0 (git) before 5defcc2f9c22e6e09b5be68234ad10f4ba0292b7

affected

c532de5a67a70f8533d495f8f2aaa9a0491c3ad0 (git) before 0bf58cb7288a4d3de6d8ecbb3a65928a9362bf21

affected

Default status

affected

6.13

affected

Any version before 6.13

unaffected

6.18.7 (semver)

unaffected

6.19 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5defcc2f9c22e6e09b5be68234ad10f4ba0292b7

git.kernel.org/...c/0bf58cb7288a4d3de6d8ecbb3a65928a9362bf21

cve.org (CVE-2026-23028)

nvd.nist.gov (CVE-2026-23028)

Download JSON

help @ threatint.eu