CVE-2026-23257

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup

In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i–) skip the failing index i, causing a memory leak.

Fix this by changing the loop to iterate from the current index i down to 0.

Also, decrement i in the devlink_alloc failure path to point to the last successfully allocated index.

Compile tested only. Issue found using code review.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < af38d9a5cb49fe9d0d282b44f17fdc1f3270d99daffected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < d86c58eb005eb99da402452f3db7a6e0eae32815affected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < f1216b80c9040a904d2ad7c8cd24ca0ff1f36932affected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < a0d2389c8cdc1f05de5eb8663bffe9ed05dca769affected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < f86bd16280a0f88b538394e0565c56ce4756da99affected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < 293eaad0d6d6b2a37a458c7deb7be345349cd963affected
LinuxLinuxf21fb3ed364bb83533c5efe19354e337ea9ecda9 < 8558aef4e8a1a83049ab906d21d391093cfa7e7faffected
LinuxLinux4.2affected
LinuxLinux0 < 4.2unaffected
LinuxLinux5.10.250 <= 5.10.*unaffected
LinuxLinux5.15.200 <= 5.15.*unaffected
LinuxLinux6.1.163 <= 6.1.*unaffected
LinuxLinux6.6.124 <= 6.6.*unaffected
LinuxLinux6.12.70 <= 6.12.*unaffected
LinuxLinux6.18.10 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References