PT-2026-5531 · Kvm+1 · Kvm+1
Published
2026-01-01
·
Updated
2026-04-20
·
CVE-2026-23028
CVSS v2.0
5.5
Medium
| Vector | AV:A/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains a memory leak within the KVM (Kernel-based Virtual Machine) component on LoongArch architecture. Specifically, the
kvm device structure is not properly freed in the kvm ipi destroy() function after being allocated in kvm ioctl create device(). This results in a memory leak. The vulnerable function is kvm ipi destroy().Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kvm
Linux Kernel