CVE-2026-23258

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: liquidio: Initialize netdev pointer before queue setup<br /> <br /> In setup_nic_devices(), the netdev is allocated using alloc_etherdev_mq().<br /> However, the pointer to this structure is stored in oct-&gt;props[i].netdev<br /> only after the calls to netif_set_real_num_rx_queues() and<br /> netif_set_real_num_tx_queues().<br /> <br /> If either of these functions fails, setup_nic_devices() returns an error<br /> without freeing the allocated netdev. Since oct-&gt;props[i].netdev is still<br /> NULL at this point, the cleanup function liquidio_destroy_nic_device()<br /> will fail to find and free the netdev, resulting in a memory leak.<br /> <br /> Fix this by initializing oct-&gt;props[i].netdev before calling the queue<br /> setup functions. This ensures that the netdev is properly accessible for<br /> cleanup in case of errors.<br /> <br /> Compile tested only. Issue found using a prototype static analysis tool<br /> and code review.