CVE-2026-45880
Description
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails When vm_insert_page() fails in p2pmem_alloc_mmap(), p2pmem_alloc_mmap() doesn't invoke percpu_ref_put() to free the per-CPU ref of pgmap acquired after gen_pool_alloc_owner(), and memunmap_pages() will hang forever when trying to remove the PCI device. Fix it by adding the missed percpu_ref_put().
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 0 |
| debian | bullseye | fixed | 0 |
| debian | forky | fixed | 6.18.14-1 |
| debian | sid | fixed | 6.18.14-1 |
| debian | trixie | fixed | 6.12.85-1 |
| sles | affected | |
References
- https://git.kernel.org/stable/c/baa42b756d183a59572f3890981a3d32b8d05d40
- https://git.kernel.org/stable/c/51b7181cfbedf289ce794b6d97a1c596c309ec38
- https://git.kernel.org/stable/c/e19cce88ec4c4877f4ff2469099b9cf23cc3e93e
- https://git.kernel.org/stable/c/a1f4dc72efc3204db95d052058d785cad7ce755f
- https://git.kernel.org/stable/c/6220694c52a5a04102b48109e4f24e958b559bd3
- https://security-tracker.debian.org/tracker/CVE-2026-45880
- https://www.suse.com/security/cve/CVE-2026-45880.html
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.