7.8
CVE-2026-45980
- EPSS 0.12%
- Veröffentlicht 27.05.2026 12:18:39
- Zuletzt bearbeitet 16.06.2026 02:39:58
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
accel/amdxdna: Stop job scheduling across aie2_release_resource()
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.14.9 < 6.18.14
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.024 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960
https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15
https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b