CVE-2026-43295 PUBLISHED

rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 08.05.2026

In the Linux kernel, the following vulnerability has been resolved:

rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

When idtab allocation fails, net is not registered with rio_add_net() yet, so kfree(net) is sufficient to release the memory. Set mport->net to NULL to avoid dangling pointer.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 83e579c2f7f6b1706323d744833b26470049dcc2 (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 34a4f233df5eef5f1f113b2196142c0568b387f8 (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to fecf292c6691970897396190855aa38826b7104e (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 649c2e853608cad0b0cba545555d168e67f094b3 (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 87272e3e70ec4b666885bd520ff77463c11444ef (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to e5a732bfe29451e16abf9c6f07ce5948b22f3d59 (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 78812c4fb7ed242d5961bf1337a49070d6487c94 (excl.) affected from e6b585ca6e81badeb3d42db3cc408174f2826034 to 666183dcdd9ad3b8156a1df7f204f728f720380f (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 4.6 is affected unaffected from 0 to 4.6 (excl.) unaffected from 5.10.252 to 5.10.* (incl.) unaffected from 5.15.202 to 5.15.* (incl.) unaffected from 6.1.165 to 6.1.* (incl.) unaffected from 6.6.128 to 6.6.* (incl.) unaffected from 6.12.75 to 6.12.* (incl.) unaffected from 6.18.16 to 6.18.* (incl.) unaffected from 6.19.6 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

CVE-2026-43295 PUBLISHED

rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

Product Status

References