CVE-2026-23028

Published: Jan 31, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_ipi_destroy() is not currently doing this, that would lead to a memory leak. So, fix it.

Vendor	Product	Versions
Linux	Linux	affected `c532de5a67a70f8533d495f8f2aaa9a0491c3ad0 - < 5defcc2f9c22e6e09b5be68234ad10f4ba0292b7` affected `c532de5a67a70f8533d495f8f2aaa9a0491c3ad0 - < 0bf58cb7288a4d3de6d8ecbb3a65928a9362bf21`
Linux	Linux	affected `6.13` unaffected `0 - < 6.13` unaffected `6.18.7 - <= 6.18.` unaffected `6.19 - <= `

References

https://git.kernel.org/stable/c/5defcc2f9c22e6e09b5be68234ad10f4ba0292b7

https://git.kernel.org/stable/c/0bf58cb7288a4d3de6d8ecbb3a65928a9362bf21

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23028

Description

Affected Products

References