CVE-2026-46038
Analyzed Analyzed - Analysis Complete
Memory Leak in Linux Kernel QRTR Nameserver

Publication date: 2026-05-27

Last updated on: 2026-06-16

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrl_cmd_bye() A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But currently, the nameserver doesn't free the node memory even after processing the BYE packet. This causes the node memory to leak. Hence, remove the node from Xarray list and free the node memory during both success and failure case of ctrl_cmd_bye().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-06-16
Generated
2026-06-16
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-15
NVD
CVE-2026-46038
EUVD
EUVD-2026-32419
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.7 (inc) to 6.12.86 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.27 (exc)
linux linux_kernel From 6.19 (inc) to 7.0.4 (exc)
linux linux_kernel From 5.7 (inc) to 6.6.140 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the issue has been resolved. The fix involves properly freeing node memory during the ctrl_cmd_bye() process to prevent memory leaks.

Executive Summary

This vulnerability exists in the Linux kernel's net subsystem, specifically in the qrtr nameserver component. When a node is about to go down, it sends a BYE packet to notify others. The nameserver is supposed to advertise the removal of this node to all observers and then free the memory allocated for the node. However, due to this vulnerability, the nameserver does not free the node's memory after processing the BYE packet, causing a memory leak.

The fix involves removing the node from the Xarray list and freeing the node memory during both success and failure cases of the ctrl_cmd_bye() function.

Impact Analysis

This vulnerability can lead to a memory leak in the Linux kernel's qrtr nameserver. Over time, the leaked memory can accumulate, potentially causing increased memory usage, degraded system performance, or even system instability or crashes if the memory exhaustion becomes severe.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46038. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart