CVE-2026-43157

Source
https://cve.org/CVERecord?id=CVE-2026-43157
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43157.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-43157
Downstream
Published
2026-05-06T11:27:37.185Z
Modified
2026-06-18T03:54:32.647902485Z
Summary
octeontx2-af: CGX: fix bitmap leaks
Details

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: CGX: fix bitmap leaks

The RX/TX flow-control bitmaps (rxfcpfvfbmap and txfcpfvfbmap) are allocated by cgxlmacinit() but never freed in cgxlmacexit(). Unbinding and rebinding the driver therefore triggers kmemleak:

unreferenced object (size 16):
    backtrace:
      rvu_alloc_bitmap
      cgx_probe

Free both bitmaps during teardown.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43157.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e740003874edc13e468d19233f99787bedb4bb8e
Fixed
ad8a13a45c5c24d0d32de9a1c3fd58498a675ece
Fixed
013ac469596a0b8671e62d89c89ae0bd46bbe667
Fixed
ccef79af58b43787c25710c9da96651c6ddfe50f
Fixed
6d389382ee655128056fbdab86baad8495ffbf33
Fixed
ccca14bbdcc25829d355b9f4d3249f43dadb71c1
Fixed
3def995c4ede842adf509c410e92d09a0cedc965

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43157.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
6.1.165
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.128
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.75
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.16
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43157.json"