What is GHSA-p66j-qj5c-q58g?

GHSA-p66j-qj5c-q58g is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by...

Which CVE IDs does GHSA-p66j-qj5c-q58g cover?

GHSA-p66j-qj5c-q58g covers the following CVE IDs: CVE-2026-23257. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-p66j-qj5c-q58g?

GHSA-p66j-qj5c-q58g has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-p66j-qj5c-q58gMediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by...

Vendor

GitHub Security Advisories

Published

March 18, 2026

Last Modified

May 21, 2026

🔗 CVE IDs covered (1)

CVE-2026-23257 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the label setup_nic_dev_free on failure. The current cleanup loop while(i--) skip the failing index i, causing a memory leak. Fix this by changing the loop to iterate from the current index i down to 0. Also, decrement i in the devlink_alloc failure path to point to the last successfully allocated index. Compile tested only. Issue found using code review.

🔗 References (9)

https://nvd.nist.gov/vuln/detail/CVE-2026-23257
https://git.kernel.org/stable/c/293eaad0d6d6b2a37a458c7deb7be345349cd963
https://git.kernel.org/stable/c/8558aef4e8a1a83049ab906d21d391093cfa7e7f
https://git.kernel.org/stable/c/a0d2389c8cdc1f05de5eb8663bffe9ed05dca769
https://git.kernel.org/stable/c/af38d9a5cb49fe9d0d282b44f17fdc1f3270d99d
https://git.kernel.org/stable/c/d86c58eb005eb99da402452f3db7a6e0eae32815
https://git.kernel.org/stable/c/f1216b80c9040a904d2ad7c8cd24ca0ff1f36932
https://git.kernel.org/stable/c/f86bd16280a0f88b538394e0565c56ce4756da99
https://github.com/advisories/GHSA-p66j-qj5c-q58g