AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-31645: In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths la

infovulnerability

security

Source: NVD/CVE DatabaseApril 24, 2026CVE-2026-31645

Summary

A vulnerability in the Linux kernel's lan966x network driver causes memory leaks when certain initialization functions fail. Specifically, a page pool (a memory management structure that pre-allocates memory pages for efficient network operations) is created but not properly cleaned up if later operations fail, wasting system memory.

Solution / Mitigation

Add the missing page_pool_destroy() calls in both error paths to properly clean up the page pool when initialization fails.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

April 24, 2026

Classification

Attack SophisticationModerate

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-31645

First tracked: April 24, 2026 at 02:06 PM

Classified by LLM (prompt v3) · confidence: 95%