CVE-2026-43149
Awaiting Analysis Awaiting Analysis - Queue
Memory Leak in Linux Kernel FSL UCC HDLC Driver

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change the cleanup to only call dma_free_coherent() once on the whole buffer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-06
EPSS Evaluated
2026-06-15
NVD
CVE-2026-43149
EUVD
EUVD-2026-27710
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The vulnerability is fixed by correcting the dma_free_coherent() call in the Linux kernel's net: wan/fsl_ucc_hdlc driver. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

  • Apply the latest Linux kernel updates or patches that address the dma_free_coherent() fix in uhdlc_memclean().
  • Avoid using vulnerable kernel versions until patched.
Executive Summary

This vulnerability is related to the Linux kernel's handling of memory buffers in the net: wan/fsl_ucc_hdlc driver. Specifically, the rx_buffer and tx_buffer are allocated together as contiguous memory buffers in the uhdlc_init() function but are incorrectly freed as two separate buffers in the uhdlc_memclean() function. This mismatch in allocation and deallocation was fixed by changing the cleanup process to call dma_free_coherent() only once on the entire buffer.

Impact Analysis

This vulnerability involves improper freeing of DMA coherent memory buffers in the Linux kernel's uhdlc driver. Specifically, the rx_buffer and tx_buffer are allocated as a contiguous buffer but freed separately, which could lead to memory management issues such as memory leaks or corruption.

The impact could include system instability, potential crashes, or unexpected behavior in network communication handled by the affected driver.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43149. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart