CVE-2026-43373
- Source
- https://cve.org/CVERecord?id=CVE-2026-43373
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-43373.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-43373
- Downstream
- Published
- 2026-05-08T14:21:23.875Z
- Modified
- 2026-05-28T03:54:49.197971508Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- net: ncsi: fix skb leak in error paths
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: ncsi: fix skb leak in error paths
Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak.
Specifically, ncsiaenhandler() returns on invalid AEN packets without consuming the skb. Similarly, ncsircvrsp() exits early when failing to resolve the NCSI device, response handler, or request, leaving the skb unfreed.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43373.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/553366c271479c0d571dd1bb5d1bcde4747fb82e
- https://git.kernel.org/stable/c/59962588197863d0d746879f193905c0c6b3df49
- https://git.kernel.org/stable/c/5c3398a54266541610c8d0a7082e654e9ff3e259
- https://git.kernel.org/stable/c/81d6aee32f8f7bbc175c05dbf61f4430bfb88c4a
- https://git.kernel.org/stable/c/87138dde2d6937b12b967f28fe598a7d59000ae4
- https://git.kernel.org/stable/c/9891d7f4f1ede473c54b49776ae07755083eef06
- https://git.kernel.org/stable/c/b70c4e5e711931cdd56e6e905737b72f1e649189
- https://git.kernel.org/stable/c/fef5aa6e3bcf3c8053307642663a63b7362d7552
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43373.json
- https://nvd.nist.gov/vuln/detail/CVE-2026-43373
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced138635cc27c9737f940c3aa80912ff7a61c825afFixed9891d7f4f1ede473c54b49776ae07755083eef06Fixedfef5aa6e3bcf3c8053307642663a63b7362d7552Fixed81d6aee32f8f7bbc175c05dbf61f4430bfb88c4aFixed59962588197863d0d746879f193905c0c6b3df49Fixed553366c271479c0d571dd1bb5d1bcde4747fb82eFixedb70c4e5e711931cdd56e6e905737b72f1e649189Fixed87138dde2d6937b12b967f28fe598a7d59000ae4Fixed5c3398a54266541610c8d0a7082e654e9ff3e259
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.8.0Fixed5.10.253
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.203
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.167
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.130
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.78
- Type
- ECOSYSTEM
- Events
-
Introduced6.13.0Fixed6.18.19
- Type
- ECOSYSTEM
- Events
-
Introduced6.19.0Fixed6.19.9