1. Home
  2. Vulnerabilities
  3. CVE-2026-43041
0.0
NA
CVE-2026-43041
net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak
Overview
Description

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak __radix_tree_create() allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree with no corresponding leaf entry. These orphaned internal nodes are never reclaimed because radix_tree_for_each_slot() only visits slots containing leaf values. The radix_tree API is deprecated in favor of xarray. As suggested by Matthew Wilcox, migrate qrtr_tx_flow from radix_tree to xarray instead of fixing the radix_tree itself [1]. xarray properly handles cleanup of internal nodes — xa_destroy() frees all internal xarray nodes when the qrtr_node is released, preventing the leak. [1] https://lore.kernel.org/all/[email protected]/T/

Details
INFO

Published Date :

May 1, 2026, 3:16 p.m.

Last Modified :

May 1, 2026, 3:24 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Impact
Affected Products

The following products are affected by CVE-2026-43041 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Resolve memory leak by migrating from radix_tree to xarray.
  • Migrate qrtr_tx_flow from radix_tree to xarray.
  • Ensure xarray handles internal node cleanup.
  • Update the Linux kernel.
References
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-43041.

URL Resource
https://git.kernel.org/stable/c/0fda873092b541bb5a9b87d728a2429f863f8cfa
https://git.kernel.org/stable/c/2428083101f6883f979cceffa76cd8440751ffe6
https://git.kernel.org/stable/c/4b75ff0aedd6ade1018ad4a3a9d8336794e36e42
https://git.kernel.org/stable/c/5d2249eefaca59908fe3c264b8eca526424dcfbe
https://git.kernel.org/stable/c/69402908e277dd164bf8d7c8fd0513c0fac28e9e
https://git.kernel.org/stable/c/f2664bc4f0f356f17c2094587a2b3665e3867e44
https://git.kernel.org/stable/c/f2dd9aaf6e2861337f5835f877a5b2becaf4b015
https://git.kernel.org/stable/c/ff134cc43972d7ddceff8cfd36cf6b9eaafc00b3
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-43041 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-43041 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-43041 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2026-43041 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    May. 01, 2026

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak __radix_tree_create() allocates and links intermediate nodes into the tree one by one. If a subsequent allocation fails, the already-linked nodes remain in the tree with no corresponding leaf entry. These orphaned internal nodes are never reclaimed because radix_tree_for_each_slot() only visits slots containing leaf values. The radix_tree API is deprecated in favor of xarray. As suggested by Matthew Wilcox, migrate qrtr_tx_flow from radix_tree to xarray instead of fixing the radix_tree itself [1]. xarray properly handles cleanup of internal nodes — xa_destroy() frees all internal xarray nodes when the qrtr_node is released, preventing the leak. [1] https://lore.kernel.org/all/[email protected]/T/
    Added Reference https://git.kernel.org/stable/c/0fda873092b541bb5a9b87d728a2429f863f8cfa
    Added Reference https://git.kernel.org/stable/c/2428083101f6883f979cceffa76cd8440751ffe6
    Added Reference https://git.kernel.org/stable/c/4b75ff0aedd6ade1018ad4a3a9d8336794e36e42
    Added Reference https://git.kernel.org/stable/c/5d2249eefaca59908fe3c264b8eca526424dcfbe
    Added Reference https://git.kernel.org/stable/c/69402908e277dd164bf8d7c8fd0513c0fac28e9e
    Added Reference https://git.kernel.org/stable/c/f2664bc4f0f356f17c2094587a2b3665e3867e44
    Added Reference https://git.kernel.org/stable/c/f2dd9aaf6e2861337f5835f877a5b2becaf4b015
    Added Reference https://git.kernel.org/stable/c/ff134cc43972d7ddceff8cfd36cf6b9eaafc00b3
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.