CVE-2026-43041
Awaiting Analysis Awaiting Analysis - Queue
Memory Leak in Linux Kernel QRTR

Publication date: 2026-05-01

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak __radix_tree_create() allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree with no corresponding leaf entry. These orphaned internal nodes are never reclaimed because radix_tree_for_each_slot() only visits slots containing leaf values. The radix_tree API is deprecated in favor of xarray. As suggested by Matthew Wilcox, migrate qrtr_tx_flow from radix_tree to xarray instead of fixing the radix_tree itself [1]. xarray properly handles cleanup of internal nodes β€” xa_destroy() frees all internal xarray nodes when the qrtr_node is released, preventing the leak. [1] https://lore.kernel.org/all/[email protected]/T/
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-01
Last Modified
2026-05-08
Generated
2026-06-16
AI Q&A
2026-05-01
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43041
EUVD
EUVD-2026-26640
Affected Vendors & Products
Showing 13 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 5.11 (inc) to 5.15.203 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.22 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.168 (exc)
linux linux_kernel From 5.6 (inc) to 5.10.253 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.12 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.81 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.134 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's net subsystem, specifically in the qrtr component. It involves a memory leak caused by the use of the deprecated radix_tree API for managing qrtr_tx_flow data structures.

The issue arises because __radix_tree_create() allocates and links intermediate nodes one by one, but if an allocation fails, the already linked nodes remain in the tree without corresponding leaf entries. These orphaned internal nodes are never reclaimed, leading to a memory leak.

The fix replaces the radix_tree with the newer xarray API, which properly handles cleanup of internal nodes. When the qrtr_node is released, xa_destroy() frees all internal xarray nodes, preventing the memory leak.

Impact Analysis

This vulnerability can lead to a memory leak in the Linux kernel's network subsystem. Over time, the leak could cause increased memory consumption, potentially degrading system performance or causing instability.

In environments with heavy network usage involving qrtr, this could result in resource exhaustion, leading to crashes or denial of service conditions.

Mitigation Strategies

The vulnerability is fixed by replacing the qrtr_tx_flow radix_tree with xarray in the Linux kernel to prevent a memory leak.

To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix, where qrtr_tx_flow uses xarray instead of radix_tree.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43041. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart