CVE-2026-45880
Published May 27, 2026
Modified May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails When vm_insert_page() fails in p2pmem_alloc_mmap(), p2pmem_alloc_mmap() doesn't invoke percpu_ref_put() to free the per-CPU ref of pgmap acquired after gen_pool_alloc_owner(), and memunmap_pages() will hang forever when trying to remove the PCI device. Fix it by adding the missed percpu_ref_put().
References
Other References
https://git.kernel.org/stable/c/51b7181cfbedf289ce794b6d97a1c596c309ec38
https://git.kernel.org/stable/c/6220694c52a5a04102b48109e4f24e958b559bd3
https://git.kernel.org/stable/c/a1f4dc72efc3204db95d052058d785cad7ce755f
https://git.kernel.org/stable/c/baa42b756d183a59572f3890981a3d32b8d05d40
https://git.kernel.org/stable/c/e19cce88ec4c4877f4ff2469099b9cf23cc3e93e
Frequently Asked Questions
What is CVE-2026-45880? +
In the Linux kernel, the following vulnerability has been resolved:
PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails
When vm_insert_page() fails in p2pmem_alloc_mmap(), p2pmem_alloc_mmap()
doesn't invoke percpu_ref_put() to free the per-CPU ref of pgmap acquired
after gen_pool_alloc_owner(), and memunmap_pages() will hang forever when
trying to remove the PCI device.
Fix it by adding the missed percpu_ref_put().
How do I check if I'm vulnerable to CVE-2026-45880? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.