IM
IronMonkey Threat Research

CVE-2026-31658 MEDIUM

Published: 2026-04-24 | Last Modified: 2026-07-14 | Status: Modified

Description

In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() When dma_map_single() fails in tse_start_xmit(), the function returns NETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the stack the packet was consumed, the skb is never freed, leaking memory on every DMA mapping failure. Add dev_kfree_skb_any() before returning to properly free the skb.

CVSS Metrics

Base Score: 5.5 (MEDIUM)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorLOCAL
Attack ComplexityLOW
Privileges RequiredLOW
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH

Source: [email protected]

Type: Primary

Exploitability Score: 1.8

Impact Score: 3.6

Weaknesses

Source Type Description
[email protected] Primary
en CWE-401

Affected Products

Vendor Product Version Update Type
linux linux_kernel * <built-in method update of dict object at 0x702b403284c0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bcbbf7e40> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdd607780> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b4032a980> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b40329ec0> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702b4032b780> Operating System
linux linux_kernel * <built-in method update of dict object at 0x702bdd152d40> Operating System
linux linux_kernel 3.15 <built-in method update of dict object at 0x702bcbbf77c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bdd6061c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702b4032aec0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bde4f3980> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bcbbf4ec0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bdd605740> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bdd1504c0> Operating System
linux linux_kernel 7.0 <built-in method update of dict object at 0x702bdd6068c0> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:3.15:-:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*

References

Notification
Message here