CVE-2026-43041
Published: May 1, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak __radix_tree_create() allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree with no corresponding leaf entry. These orphaned internal nodes are never reclaimed because radix_tree_for_each_slot() only visits slots containing leaf values. The radix_tree API is deprecated in favor of xarray. As suggested by Matthew Wilcox, migrate qrtr_tx_flow from radix_tree to xarray instead of fixing the radix_tree itself [1]. xarray properly handles cleanup of internal nodes — xa_destroy() frees all internal xarray nodes when the qrtr_node is released, preventing the leak. [1] https://lore.kernel.org/all/[email protected]/T/
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 5fdeb0d372ab33b4175043a2a4a1730239a217f1 - < f2dd9aaf6e2861337f5835f877a5b2becaf4b015affected 5fdeb0d372ab33b4175043a2a4a1730239a217f1 - < 4b75ff0aedd6ade1018ad4a3a9d8336794e36e42affected 5fdeb0d372ab33b4175043a2a4a1730239a217f1 - < ff134cc43972d7ddceff8cfd36cf6b9eaafc00b3affected 5fdeb0d372ab33b4175043a2a4a1730239a217f1 - < 0fda873092b541bb5a9b87d728a2429f863f8cfaaffected 5fdeb0d372ab33b4175043a2a4a1730239a217f1 - < 69402908e277dd164bf8d7c8fd0513c0fac28e9e+3 more versions |
Linux | Linux | affected 5.6unaffected 0 - < 5.6unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.168 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now