SB2026021615 - Memory leak in Linux kernel kvm
Published: February 16, 2026
Security Bulletin ID
SB2026021615
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2026-23198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the irqfd_shutdown(), irqfd_wakeup() and kvm_irqfd_deassign() functions in virt/kvm/eventfd.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/2284bc168b148a17b5ca3b37b3d95c411f18a08d
- https://git.kernel.org/stable/c/4385b2f2843549bfb932e0dcf76bf4b065543a3c
- https://git.kernel.org/stable/c/6d14ba1e144e796b5fc81044f08cfba9024ca195
- https://git.kernel.org/stable/c/959a063e7f12524bc1871ad1f519787967bbcd45
- https://git.kernel.org/stable/c/b4d37cdb77a0015f51fee083598fa227cc07aaf1
- https://git.kernel.org/stable/c/b61f9b2fcf181451d0a319889478cc53c001123e
- https://git.kernel.org/stable/c/ff48c9312d042bfbe826ca675e98acc6c623211c