CVE-2026-23027 — Vulnetix

CVE-2026-23027 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_pch_pic_destroy() is not currently doing this, that would lead to a memory leak. So, fix it.

EPSS 0.01% · 1.6th percentile

Risk Scores

EPSS Score

0.01%

1.6th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	*, e785dfacf7e7fe94370fa0e8e3ff1bc8fe179831, e785dfacf7e7fe94370fa0e8e3ff1bc8fe179831
linux	linux_kernel	6.13, 6.13, 6.13

Timeline

Jan 31, 2026 EPSS Score
Jan 31, 2026 CVE Published
Jan 31, 2026 CVE Updated
Feb 2, 2026 EPSS Score
Feb 5, 2026 EPSS Score
Feb 7, 2026 EPSS Score
Feb 9, 2026 EPSS Score
Feb 12, 2026 EPSS Score
Feb 14, 2026 EPSS Score
Feb 16, 2026 EPSS Score
Feb 19, 2026 EPSS Score
Feb 21, 2026 EPSS Score

References

https://git.kernel.org/stable/c/fc53a66227af08d868face4b33fa8b2e1ba187ed url
https://git.kernel.org/stable/c/1cf342a7c3adc5877837b53bbceb5cc9eff60bbf url
https://nvd.nist.gov/vuln/detail/CVE-2026-23027 advisory

Open in Interactive Console →