CVE-2026-23289Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime9 documents8 sources
Severity
7.1HIGH
No vector
EPSS
0.0%
top 90.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Fix a user triggerable leak on the system call failure path.

Affected Packages3 packages

Linuxlinux/linux_kernel2.6.146.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linuxec34a922d243c3401a694450734e9effb2bafbfef67f1ad4029e9fa183141546de31987b254c9292+6

🔴Vulnerability Details

4
OSV
IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()2026-03-25
CVEList
IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()2026-03-25
OSV
CVE-2026-23289: In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Fix a user trigg2026-03-25
GHSA
GHSA-gwxh-wqjf-9572: In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Fix a user tri2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()2026-03-25
Microsoft
IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()2026-03-10
Debian
CVE-2026-23289: linux - In the Linux kernel, the following vulnerability has been resolved: IB/mthca: A...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23289 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23289 — Linux vulnerability | cvebase