-

CVE-2026-43445

EPSS 0.03%
Veröffentlicht 08.05.2026 14:22:12
Zuletzt bearbeitet 12.05.2026 14:10:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

e1000/e1000e: Fix leak in DMA error cleanup

In the Linux kernel, the following vulnerability has been resolved:

e1000/e1000e: Fix leak in DMA error cleanup

If an error is encountered while mapping TX buffers, the driver should
unmap any buffers already mapped for that skb.

Because count is incremented after a successful mapping, it will always
match the correct number of unmappings needed when dma_error is reached.
Decrementing count before the while loop in dma_error causes an
off-by-one error. If any mapping was successful before an unsuccessful
mapping, exactly one DMA mapping would leak.

In these commits, a faulty while condition caused an infinite loop in
dma_error:
Commit 03b1320dfcee ("e1000e: remove use of skb_dma_map from e1000e
driver")
Commit 602c0554d7b0 ("e1000: remove use of skb_dma_map from e1000 driver")

Commit c1fa347f20f1 ("e1000/e1000e/igb/igbvf/ixgb/ixgbe: Fix tests of
unsigned in *_tx_map()") fixed the infinite loop, but introduced the
off-by-one error.

This issue may still exist in the igbvf driver, but I did not address it
in this patch.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 14

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 7eaeb778bfaa3b2a804f89321c234d59c74569db

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 0606c24a745bafd1be5d66c48361638cd9cad74b

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 519051c711dfd239ef6e4b28878efee400a035f9

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 0a1fc25deabab4efce64610e3c449485c4fa8f5f

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < fa5ba9867a55e640df0dc79bf0199770fb043f03

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 30e87ade8d678c25a8546cf38c0b498fa5cb27d3

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < 10b5e65959e955a1c8894e0a5413944b5a70204a

Status affected

Version c1fa347f20f17f14a4a1575727fa24340e8a9117

Version < e94eaef11142b01f77bf8ba4d0b59720b7858109

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.33

Status affected

Version 0

Version < 2.6.33

Status unaffected

Version <= 5.10.*

Version 5.10.253

Status unaffected

Version <= 5.15.*

Version 5.15.203

Status unaffected

Version <= 6.1.*

Version 6.1.167

Status unaffected

Version <= 6.6.*

Version 6.6.130

Status unaffected

Version <= 6.12.*

Version 6.12.78

Status unaffected

Version <= 6.18.*

Version 6.18.19

Status unaffected

Version <= 6.19.*

Version 6.19.9

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.094

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/7eaeb778bfaa3b2a804f89321c234d59c74569db

https://git.kernel.org/stable/c/0606c24a745bafd1be5d66c48361638cd9cad74b

https://git.kernel.org/stable/c/519051c711dfd239ef6e4b28878efee400a035f9

https://git.kernel.org/stable/c/0a1fc25deabab4efce64610e3c449485c4fa8f5f

https://git.kernel.org/stable/c/fa5ba9867a55e640df0dc79bf0199770fb043f03

https://git.kernel.org/stable/c/30e87ade8d678c25a8546cf38c0b498fa5cb27d3

https://git.kernel.org/stable/c/10b5e65959e955a1c8894e0a5413944b5a70204a

https://git.kernel.org/stable/c/e94eaef11142b01f77bf8ba4d0b59720b7858109

https://nvd.nist.gov/vuln/detail/CVE-2026-43445

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-43445

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-43445

EUVD