CVE-2026-23386

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue in the gve module related to incorrect buffer cleanup within the gve tx clean pending packets function when operating in DQ-QPL mode. This occurs because the function incorrectly uses the RDA buffer cleanup path, leading to out-of-bounds access when iterating through the dma array. Specifically, the dma array shares storage with tx qpl buf ids, and interpreting buffer IDs as DMA addresses can result in attempts to unmap incorrect memory locations. Additionally, the number of buffers (num bufs) in QPL mode can exceed the size of the dma array, triggering out-of-bounds access warnings. The issue was identified through UBSAN (Undefined Behavior Sanitizer) reports during testing. The function gve tx stop ring dqo and gve close are also implicated in the call trace.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.