Description

In the Linux kernel, the following vulnerability has been resolved: net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback octep_vf_request_irqs() requests MSI-X queue IRQs with dev_id set to ioq_vector. If request_irq() fails part-way, the rollback loop calls free_irq() with dev_id set to 'oct', which does not match the original dev_id and may leave the irqaction registered. This can keep IRQ handlers alive while ioq_vector is later freed during unwind/teardown, leading to a use-after-free or crash when an interrupt fires. Fix the error path to free IRQs with the same ioq_vector dev_id used during request_irq().

INFO

Published Date :

2026-01-25T14:36:26.208Z

Last Modified :

2026-04-03T13:31:49.868Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23013 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23013.

URL Resource
https://git.kernel.org/stable/c/aa05a8371ae4a452df623f7202c72409d3c50e40 cve-icon cve-icon
https://git.kernel.org/stable/c/aa4c066229b05fc3d3c5f42693d25b1828533b6e cve-icon cve-icon
https://git.kernel.org/stable/c/f93fc5d12d69012788f82151bee55fce937e1432 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026012538-CVE-2026-23013-303c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23013 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23013 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact