PatchSiren cyber security CVE debrief

CVE-2026-45939 Linux CVE debrief

A memory leak vulnerability in the Linux kernel's GPIB (General Purpose Interface Bus) subsystem has been resolved. The issue occurred in the `ni_usb_init()` function within the National Instruments USB-GPIB driver. If `ni_usb_setup_init()` failed during initialization, the function returned `-EFAULT` without freeing the previously allocated `writes` buffer, resulting in a memory leak. Additionally, `ni_usb_setup_init()` incorrectly returned `0` on failure, causing `ni_usb_init()` to return the inappropriate error code `-EFAULT`. The fix addresses both issues: the `writes` buffer is now properly freed in the error path, and `ni_usb_setup_init()` has been modified to return `-EINVAL` on failure, which is then propagated by `ni_usb_init()`. This vulnerability affects systems using National Instruments USB-GPIB hardware with the Linux kernel GPIB driver. The fix has been applied to stable kernel branches.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

System administrators running Linux systems with National Instruments USB-GPIB hardware; kernel maintainers and developers working with the GPIB subsystem; embedded systems engineers utilizing GPIB instrumentation interfaces.

Technical summary

The vulnerability exists in `drivers/gpib/ni_usb/ni_usb_gpib.c` in the Linux kernel. The `ni_usb_init()` function allocates a `writes` buffer via `kmalloc()` or similar allocation mechanism. If the subsequent `ni_usb_setup_init()` call fails, the original code returned `-EFAULT` without freeing `writes`, causing a memory leak. Additionally, `ni_usb_setup_init()` returned `0` on failure rather than a negative error code, which was semantically incorrect and led to the inappropriate `-EFAULT` return. The fix ensures `writes` is freed via `kfree()` or equivalent in the error path, and modifies `ni_usb_setup_init()` to return `-EINVAL` on failure, which `ni_usb_init()` now propagates correctly. This improves both memory safety and error reporting in the GPIB driver initialization path.
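
The error-path pattern described above, reduced to a user-space C model (an added example, not the kernel driver's code). All function names, the 64-byte buffer size and the positive success value are assumptions; only the return codes `0`, `-EFAULT` and `-EINVAL` and the missing free on the failure path come from the description.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
/* User-space model constructed for illustration; all names are hypothetical. */
static int live_allocs;   /* outstanding buffers: a minimal leak counter */
static void *model_alloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Setup step: fail_code when the device is unusable, else a positive count (assumed). */
static int setup(int hw_ok, unsigned char *writes, int fail_code)
{
    if (!hw_ok) return fail_code;
    writes[0] = 1;
    return 1;
}

static int init_before(int hw_ok)
{
    unsigned char *writes = model_alloc(64);
    if (!writes) return -ENOMEM;
    if (setup(hw_ok, writes, 0) == 0)   /* old convention: 0 means failure */
        return -EFAULT;                 /* leak: writes is not freed here */
    model_free(writes);
    return 0;
}

static int init_after(int hw_ok)
{
    unsigned char *writes = model_alloc(64);
    if (!writes) return -ENOMEM;
    int ret = setup(hw_ok, writes, -EINVAL);  /* fixed: negative errno on failure */
    if (ret < 0) {
        model_free(writes);             /* error path releases the buffer */
        return ret;                     /* -EINVAL propagated unchanged */
    }
    model_free(writes);
    return 0;
}
/* Run `rounds` failing initializations; return how many buffers stay allocated. */
static int leak_count(int (*init)(int), int rounds)
{
    int start = live_allocs;
    while (rounds-- > 0) init(0);
    return live_allocs - start;
}

int main(void)
{
    printf("leaked: before=%d after=%d\n", leak_count(init_before, 5), leak_count(init_after, 5));
    return 0;
}
```

Each failed initialization in the pre-fix shape strands one buffer, so the leak grows with the number of failed attempts rather than occurring once.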

Defensive priority

medium

Recommended defensive actions

  • Review the kernel version and confirm whether the National Instruments USB-GPIB driver (`ni_usb_gpib`) is in use on affected systems
  • Apply kernel updates containing the fix commits once available through distribution channels
  • Monitor system memory usage on systems utilizing USB-GPIB hardware for signs of memory exhaustion during driver initialization failures
  • Verify error handling behavior in custom kernel builds that include the GPIB subsystem

Evidence notes

The vulnerability description confirms a memory leak in `ni_usb_init()` when `ni_usb_setup_init()` fails, together with improper error code handling. The kernel.org git commits provided as references confirm the fix implementation.

Official resources

2026-05-27