CVE-2026-31645

Published: Apr 24, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966x_fdma_rx_alloc() creates a page pool but does not destroy it if the subsequent fdma_alloc_coherent() call fails, leaking the pool. Similarly, lan966x_fdma_init() frees the coherent DMA memory when lan966x_fdma_tx_alloc() fails but does not destroy the page pool that was successfully created by lan966x_fdma_rx_alloc(), leaking it. Add the missing page_pool_destroy() calls in both error paths.

Vendor	Product	Versions
Linux	Linux	affected `11871aba19748b3387e83a2db6360aa7119e9a1a - < 73e940c4249dc5ec6422d1fae535d192fb125955` affected `11871aba19748b3387e83a2db6360aa7119e9a1a - < 22e1ee9f22b5c3bb702bb6d4167d770002a85b2b` affected `11871aba19748b3387e83a2db6360aa7119e9a1a - < 4941e234cfd67ac911fb259642b453f9f76aac41` affected `11871aba19748b3387e83a2db6360aa7119e9a1a - < 076344a6ad9d1308faaed1402fdcfdda68b604ab`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.12.82 - <= 6.12.` unaffected `6.18.23 - <= 6.18.` unaffected `6.19.13 - <= 6.19.*` +1 more versions

References

https://git.kernel.org/stable/c/73e940c4249dc5ec6422d1fae535d192fb125955

https://git.kernel.org/stable/c/22e1ee9f22b5c3bb702bb6d4167d770002a85b2b

https://git.kernel.org/stable/c/4941e234cfd67ac911fb259642b453f9f76aac41

https://git.kernel.org/stable/c/076344a6ad9d1308faaed1402fdcfdda68b604ab

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31645

Description

Affected Products

References