CVE-2026-23029

In kvmioctlcreatedevice(), kvmdevice has allocated memory, kvmdevice->destroy() seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy() is not currently doing this, that would lead to a memory leak.

So, fix it.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23029.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

2e8b9df82631e714cc2b7bf302772c8259673180

Fixed

e94ec9661c5820d157d2cc4b6cf4a6ab656a7b4d

Fixed

7d8553fc75aefa7ec936af0cf8443ff90b51732e

Affected versions

v6.*

v6.12

v6.13

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.13-rc5

v6.13-rc6

v6.13-rc7

v6.14

v6.14-rc1

v6.14-rc2

v6.14-rc3

v6.14-rc4

v6.14-rc5

v6.14-rc6

v6.14-rc7

v6.15

v6.15-rc1

v6.15-rc2

v6.15-rc3

v6.15-rc4

v6.15-rc5

v6.15-rc6

v6.15-rc7

v6.16

v6.16-rc1

v6.16-rc2

v6.16-rc3

v6.16-rc4

v6.16-rc5

v6.16-rc6

v6.16-rc7

v6.17

v6.17-rc1

v6.17-rc2

v6.17-rc3

v6.17-rc4

v6.17-rc5

v6.17-rc6

v6.17-rc7

v6.18

v6.18-rc1

v6.18-rc2

v6.18-rc3

v6.18-rc4

v6.18-rc5

v6.18-rc6

v6.18-rc7

v6.18.1

v6.18.2

v6.18.3

v6.18.4

v6.18.5

v6.18.6

v6.19-rc1

v6.19-rc2

v6.19-rc3

v6.19-rc4

v6.19-rc5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23029.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23029.json"