CVE-2026-23421

Published: Apr 3, 2026Modified: Apr 24, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctx_restore_mid_bb in release ctx_restore_mid_bb memory is allocated in wa_bb_store(), but xe_config_device_release() only frees ctx_restore_post_bb. Free ctx_restore_mid_bb[0].cs as well to avoid leaking the allocation when the configfs device is removed. (cherry picked from commit a235e7d0098337c3f2d1e8f3610c719a589e115f)

Affected (10)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.18.1 to 6.18.17
Linux Linux Kernel	From 6.19 to 6.19.7
Linux Linux Kernel	Version 6.18
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6
Linux Linux Kernel	Version 7.0 rc7

References (3)

https://git.kernel.org/stable/c/3557359ea3df32430ea7c30f7a708ca9a91d7e0e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7f971dfd48983074adc7bbcea3ee95ce7aad47cb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e377182f0266f46f02d01838e6bde67b9dac0d66

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.