CVE-2026-43295 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

When idtab allocation fails, net is not registered with rio_add_net() yet,
so kfree(net) is sufficient to release the memory. Set mport->net to NULL
to avoid dangling pointer.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 83e579c2f7f6b1706323d744833b26470049dcc2
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 34a4f233df5eef5f1f113b2196142c0568b387f8
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< fecf292c6691970897396190855aa38826b7104e
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 649c2e853608cad0b0cba545555d168e67f094b3
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 87272e3e70ec4b666885bd520ff77463c11444ef
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< e5a732bfe29451e16abf9c6f07ce5948b22f3d59
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 78812c4fb7ed242d5961bf1337a49070d6487c94
`e6b585ca6e81badeb3d42db3cc408174f2826034`	affected	< 666183dcdd9ad3b8156a1df7f204f728f720380f

Linux

affected

Version	Status	Constraints
`4.6`	affected	—
`0`	unaffected	< 4.6
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/34a4f233df5eef5f1f113b2196142c0568b387f8
https://git.kernel.org/stable/c/649c2e853608cad0b0cba545555d168e67f094b3
https://git.kernel.org/stable/c/666183dcdd9ad3b8156a1df7f204f728f720380f
https://git.kernel.org/stable/c/78812c4fb7ed242d5961bf1337a49070d6487c94
https://git.kernel.org/stable/c/83e579c2f7f6b1706323d744833b26470049dcc2
https://git.kernel.org/stable/c/87272e3e70ec4b666885bd520ff77463c11444ef
https://git.kernel.org/stable/c/e5a732bfe29451e16abf9c6f07ce5948b22f3d59
https://git.kernel.org/stable/c/fecf292c6691970897396190855aa38826b7104e
https://lore.kernel.org/linux-cve-announce/2026050854-CVE-2026-43295-f6c5@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43295
https://www.cve.org/CVERecord?id=CVE-2026-43295

History

Sat, 09 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-763
References		https://lore.kernel.org/linux-cve-announce/2026050854-CVE-2026-43295-f6c5@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43295 https://www.cve.org/CVERecord?id=CVE-2026-43295

Fri, 08 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-416

Fri, 08 May 2026 13:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() When idtab allocation fails, net is not registered with rio_add_net() yet, so kfree(net) is sufficient to release the memory. Set mport->net to NULL to avoid dangling pointer.
Title		rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/34a4f233df5eef5f1f113b2196142c0568b387f8 https://git.kernel.org/stable/c/649c2e853608cad0b0cba545555d168e67f094b3 https://git.kernel.org/stable/c/666183dcdd9ad3b8156a1df7f204f728f720380f https://git.kernel.org/stable/c/78812c4fb7ed242d5961bf1337a49070d6487c94 https://git.kernel.org/stable/c/83e579c2f7f6b1706323d744833b26470049dcc2 https://git.kernel.org/stable/c/87272e3e70ec4b666885bd520ff77463c11444ef https://git.kernel.org/stable/c/e5a732bfe29451e16abf9c6f07ce5948b22f3d59 https://git.kernel.org/stable/c/fecf292c6691970897396190855aa38826b7104e

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T13:11:18.226Z

Updated: 2026-05-08T13:11:18.226Z

Reserved: 2026-05-01T14:12:55.999Z

Link: CVE-2026-43295

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-08T14:16:36.593

Modified: 2026-05-08T14:16:36.593

Link: CVE-2026-43295

Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43295 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T02:00:19Z

Weaknesses

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object