CVE-2026-43373

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ncsi: fix skb leak in error paths

Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak.

Specifically, ncsi_aen_handler() returns on invalid AEN packets without consuming the skb. Similarly, ncsi_rcv_rsp() exits early when failing to resolve the NCSI device, response handler, or request, leaving the skb unfreed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 9891d7f4f1ede473c54b49776ae07755083eef06affected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < fef5aa6e3bcf3c8053307642663a63b7362d7552affected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 81d6aee32f8f7bbc175c05dbf61f4430bfb88c4aaffected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 59962588197863d0d746879f193905c0c6b3df49affected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 553366c271479c0d571dd1bb5d1bcde4747fb82eaffected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < b70c4e5e711931cdd56e6e905737b72f1e649189affected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 87138dde2d6937b12b967f28fe598a7d59000ae4affected
LinuxLinux138635cc27c9737f940c3aa80912ff7a61c825af < 5c3398a54266541610c8d0a7082e654e9ff3e259affected
LinuxLinux4.8affected
LinuxLinux0 < 4.8unaffected
LinuxLinux5.10.253 <= 5.10.*unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.18.19 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References