CVE-2026-43157
Awaiting Analysis Awaiting Analysis - Queue
Memory Leak in Linux Kernel OcteonTX2 AF Driver

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap) are allocated by cgx_lmac_init() but never freed in cgx_lmac_exit(). Unbinding and rebinding the driver therefore triggers kmemleak: unreferenced object (size 16): backtrace: rvu_alloc_bitmap cgx_probe Free both bitmaps during teardown.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-06-16
AI Q&A
2026-05-06
EPSS Evaluated
2026-06-14
NVD
CVE-2026-43157
EUVD
EUVD-2026-27720
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's octeontx2-af CGX driver, where two bitmaps used for RX/TX flow-control (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap) are allocated during initialization but never freed during driver exit.

Because these bitmaps are not freed when the driver is unbound and rebound, it causes a memory leak detected by kmemleak, which tracks unreferenced kernel memory objects.

The fix involves freeing both bitmaps properly during the driver's teardown process to prevent this memory leak.

Impact Analysis

This vulnerability can lead to a memory leak in the Linux kernel when the affected driver is unbound and rebound repeatedly.

Over time, this memory leak could consume kernel memory resources, potentially degrading system performance or stability.

However, the vulnerability does not indicate direct exploitation for privilege escalation or data corruption.

Detection Guidance

This vulnerability involves memory leaks in the Linux kernel related to the octeontx2-af CGX driver, specifically bitmap leaks during driver unbinding and rebinding.

Detection can be performed by monitoring kernel memory leak reports, especially using kmemleak, which can identify unreferenced objects such as the leaked bitmaps.

A suggested approach is to enable kmemleak in the kernel and check its reports after unbinding and rebinding the affected driver.

  • Enable kmemleak: echo scan > /sys/kernel/debug/kmemleak
  • Check kmemleak reports: cat /sys/kernel/debug/kmemleak
  • Unbind the driver: echo <device-id> > /sys/bus/platform/drivers/cgx/unbind
  • Rebind the driver: echo <device-id> > /sys/bus/platform/drivers/cgx/bind

After these steps, reviewing kmemleak output can help detect the presence of the bitmap memory leaks.

Mitigation Strategies

The vulnerability is caused by bitmap memory leaks in the octeontx2-af CGX driver due to bitmaps not being freed during driver teardown.

Immediate mitigation involves applying the fix that frees both RX and TX flow-control bitmaps during driver teardown.

If a patch is available, update the Linux kernel to a version that includes this fix.

Until the patch is applied, avoid unbinding and rebinding the CGX driver to prevent triggering the memory leak.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43157. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart