-

CVE-2026-53067

PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc

In the Linux kernel, the following vulnerability has been resolved:

PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc

pci_epf_alloc_doorbell() stores the allocated doorbell message array in
epf->db_msg/epf->num_db before requesting MSI vectors. If MSI allocation
fails, the array is freed but the EPF state may still point to freed
memory.

Clear epf->db_msg and epf->num_db on the MSI allocation failure path so
that later cleanup cannot double-free the array and callers can retry
allocation.

Also return -EBUSY when doorbells have already been allocated to prevent
leaking or overwriting an existing allocation.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version 1c3b002c6bf684b445a7107609979bca5f21bc03
Version < 175717cfc06cab79f84cd037d66dda1b8564cd9e
Status affected
Version 1c3b002c6bf684b445a7107609979bca5f21bc03
Version < 3c25587fbf8797b92090b064a6d239a873e55fb1
Status affected
Version 1c3b002c6bf684b445a7107609979bca5f21bc03
Version < 1cba96c0a795124c3229293ed7b5b5765e66f259
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.17
Status affected
Version 0
Version < 6.17
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.049
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/175717cfc06cab79f84cd037d66dda1b8564cd9e
https://git.kernel.org/stable/c/3c25587fbf8797b92090b064a6d239a873e55fb1
https://git.kernel.org/stable/c/1cba96c0a795124c3229293ed7b5b5765e66f259