CVE-2026-31737
Memory Leak in Linux Kernel ftgmac100 Driver
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
| linux_kernel | linux_kernel | * |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's ftgmac100 network driver. The function ftgmac100_alloc_rings() allocates several resources in stages, including rx_skbs, tx_skbs, rxdes, txdes, and rx_scratch. If an intermediate allocation fails, the function returned an error (-ENOMEM) immediately without freeing the resources allocated earlier, causing a resource leak.
The fix involves reworking the failure path to properly free allocated resources in reverse order before returning the error, preventing resource leaks and aligning with common network device allocation cleanup practices.
How can this vulnerability impact me? :
This vulnerability can lead to resource leaks in the Linux kernel's network driver. Resource leaks may cause increased memory usage and potentially degrade system performance or stability over time if the leaked resources accumulate.