CVE-2026-43045
mshv: Fix memory corruption in region pinning error handling
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: kernel.org
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's mshv component related to error handling in the mshv_region_pin function.
The issue arises because the function pin_user_pages_fast() can return a short pin count, meaning it pins fewer pages than requested but still more than zero. The current code treats this as a success, which leads to partially pinned memory regions being used. This can cause memory corruption.
Additionally, if an error occurs during the pinning process, the pages that were already pinned in the current batch are not properly accounted for before cleanup, causing a page reference leak.
The fix involves treating short pins as errors and properly accounting for partially pinned pages before cleanup to prevent memory corruption and leaks.
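The error-handling pattern described above, as an added user-space model (not the kernel's mshv code and not the actual patch). `mock_pin()`, `mock_unpin()`, `region_pin()`, the batch size and the `-ENOMEM` return for a short pin are assumptions of this example; `mock_pin()` stands in for `pin_user_pages_fast()` and can return a short count.

```c
/* User-space model with constructed data; not kernel code. */
#include <errno.h>
#include <stddef.h>

#define BATCH ((size_t)4)
static long live_pins;     /* outstanding page references */
static long fail_at = -1;  /* constructed fault: page index where pinning stops */

/* Like pin_user_pages_fast(): returns nr, a short count (> 0), or -errno. */
static long mock_pin(size_t start, size_t nr, int *pages)
{
    long done = 0;
    for (size_t i = 0; i < nr; i++) {
        if ((long)(start + i) == fail_at)
            return done ? done : -EFAULT;
        pages[i] = 1;
        live_pins++;
        done++;
    }
    return done;
}

static void mock_unpin(int *pages, size_t nr)
{
    for (size_t i = 0; i < nr; i++) { pages[i] = 0; live_pins--; }
}

/* A short pin is an error, and the partial batch is counted before cleanup. */
int region_pin(int *pages, size_t nr_pages)
{
    size_t done = 0;
    while (done < nr_pages) {
        size_t nr = nr_pages - done < BATCH ? nr_pages - done : BATCH;
        long ret = mock_pin(done, nr, pages + done);
        if (ret != (long)nr) {
            if (ret > 0)
                done += (size_t)ret;     /* account for the partial batch */
            mock_unpin(pages, done);     /* drop every reference taken so far */
            return ret < 0 ? (int)ret : -ENOMEM; /* error code is an assumption */
        }
        done += nr;
    }
    return 0;
}

int main(void)
{
    int pages[10] = {0};
    fail_at = 6;  /* second batch pins 2 of 4 pages */
    return (region_pin(pages, 10) == -ENOMEM && live_pins == 0) ? 0 : 1;
}
```

Without the `done += ret` step, the two pages pinned in the failing batch would keep their references after cleanup; without the `ret != nr` check, the caller would continue with a region that is only partly pinned.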
How can this vulnerability impact me?
This vulnerability can lead to memory corruption due to the use of partially pinned memory regions.
Memory corruption can cause system instability, crashes, or potentially allow an attacker to execute arbitrary code or escalate privileges if exploited.
Additionally, the page reference leak caused by improper cleanup can lead to resource exhaustion over time, potentially degrading system performance or causing denial of service.