CVE-2026-43395
MEDIUM EPSS 2.3%
Published May 8, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published May 8, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xe_sync_entry_parse() can allocate references (syncobj, fence, chain fence, or user fence) before hitting a later failure path. Several of those paths returned directly, leaving partially initialized state and leaking refs. Route these error paths through a common free_sync label and call xe_sync_entry_cleanup(sync) before returning the error. (cherry picked from commit f939bdd9207a5d1fc55cced5459858480686ce22)
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-459
Affected Products 4
References 4
- git.kernel.org https://git.kernel.org/stable/c/1bfd7575092420ba5a0b944953c95b74a5646ff8
- git.kernel.org https://git.kernel.org/stable/c/91c228f96fcfacc2341a58815b1da8c69da94ebb
- git.kernel.org https://git.kernel.org/stable/c/af65cd1853599394b94201c08bed7a46717db478
- git.kernel.org https://git.kernel.org/stable/c/f0af63ffa06306f12592cd3919fad6957b425e1b
Remediation
- git.kernel.org https://git.kernel.org/stable/c/1bfd7575092420ba5a0b944953c95b74a5646ff8
- git.kernel.org https://git.kernel.org/stable/c/91c228f96fcfacc2341a58815b1da8c69da94ebb
- git.kernel.org https://git.kernel.org/stable/c/af65cd1853599394b94201c08bed7a46717db478
- git.kernel.org https://git.kernel.org/stable/c/f0af63ffa06306f12592cd3919fad6957b425e1b