CVE-2026-43457

Summary

In the Linux kernel, the following vulnerability has been resolved:

mctp: i2c: fix skb memory leak in receive path

When 'midev->allow_rx' is false, the newly allocated skb isn't consumed by netif_rx(), it needs to free the skb directly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 0fb2adbdd5c03e8c9ebcdc48afd414b2724c85ebaffected
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < d7900a43b0a314a645ca0a2adf45928dbc7001f4affected
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 9f81be2ab9d8e4744871bfb3e868ef413413829faffected
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 1ec54187e1aa40a4cfa2b265e9a311179f24b98daffected
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < 1b1be322342a6b0085bf6ee52235e5ac9834ec25affected
LinuxLinuxf5b8abf9fc3dacd7529d363e26fe8230935d65f8 < e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69affected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.167 <= 6.1.*unaffected
LinuxLinux6.6.130 <= 6.6.*unaffected
LinuxLinux6.12.78 <= 6.12.*unaffected
LinuxLinux6.18.19 <= 6.18.*unaffected
LinuxLinux6.19.9 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References