Linux kernel mctp i2c skb memory leak in receive path
CVE-2026-43457 Published on May 8, 2026
mctp: i2c: fix skb memory leak in receive path
In the Linux kernel, the following vulnerability has been resolved:
mctp: i2c: fix skb memory leak in receive path
When 'midev->allow_rx' is false, the newly allocated skb isn't consumed
by netif_rx(), it needs to free the skb directly.
Products Associated with CVE-2026-43457
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below 0fb2adbdd5c03e8c9ebcdc48afd414b2724c85eb is affected.
- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below d7900a43b0a314a645ca0a2adf45928dbc7001f4 is affected.
- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below 9f81be2ab9d8e4744871bfb3e868ef413413829f is affected.
- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below 1ec54187e1aa40a4cfa2b265e9a311179f24b98d is affected.
- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below 1b1be322342a6b0085bf6ee52235e5ac9834ec25 is affected.
- Version f5b8abf9fc3dacd7529d363e26fe8230935d65f8 and below e3f5e0f22cfc2371e7471c9fd5b4da78f9df7c69 is affected.
- Version 5.18 is affected.
- Before 5.18 is unaffected.
- Version 6.1.167, <= 6.1.* is unaffected.
- Version 6.6.130, <= 6.6.* is unaffected.
- Version 6.12.78, <= 6.12.* is unaffected.
- Version 6.18.19, <= 6.18.* is unaffected.
- Version 6.19.9, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.