CVE-2026-43157

EUVD-2026-27720

06.05.2026, 12:16

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: CGX: fix bitmap leaks

The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap)
are allocated by cgx_lmac_init() but never freed in cgx_lmac_exit().
Unbinding and rebinding the driver therefore triggers kmemleak:

    unreferenced object (size 16):
        backtrace:
          rvu_alloc_bitmap
          cgx_probe

Free both bitmaps during teardown.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Debian Releases

Debian Product

Codename

linux

bookworm	vulnerable
bookworm (security)	6.1.170-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.251-4 fixed
forky	6.19.14-1 fixed
sid	7.0.4-1 fixed
trixie	vulnerable
trixie (security)	6.12.86-1 fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht spezifizierte Angriffe durchzuführen, möglicherweise Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-05-06T22:00:00+00:00

References

https://git.kernel.org/stable/c/013ac469596a0b8671e62d89c89ae0bd46bbe667

https://git.kernel.org/stable/c/3def995c4ede842adf509c410e92d09a0cedc965

https://git.kernel.org/stable/c/6d389382ee655128056fbdab86baad8495ffbf33

https://git.kernel.org/stable/c/ad8a13a45c5c24d0d32de9a1c3fd58498a675ece

https://git.kernel.org/stable/c/ccca14bbdcc25829d355b9f4d3249f43dadb71c1

https://git.kernel.org/stable/c/ccef79af58b43787c25710c9da96651c6ddfe50f