5.5

CVE-2026-43396

drm/xe/sync: Fix user fence leak on alloc failure

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/sync: Fix user fence leak on alloc failure

When dma_fence_chain_alloc() fails, properly release the user fence
reference to prevent a memory leak.

(cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.18.1 < 6.18.20
LinuxLinux Kernel Version >= 6.19 < 6.19.9
LinuxLinux Kernel Version6.18 Update-
LinuxLinux Kernel Version6.18 Updaterc5
LinuxLinux Kernel Version6.18 Updaterc6
LinuxLinux Kernel Version6.18 Updaterc7
LinuxLinux Kernel Version7.0 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.022
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/05edc78eb4699e8e000a62aaa8dace50a17e19e3
Patch
https://git.kernel.org/stable/c/f8f90b33934b307f6e4599b9fae38aa1ee5441a7
Patch
https://git.kernel.org/stable/c/0879c3f04f67e2a1677c25dcc24669ce21eb6a6c
Patch