CVE-2026-45980

HIGH EPSS 2.5%
Published May 27, 20261mo ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published May 27, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.14.9  –  <6.18.14
linuxlinux_kernel*≥6.19  –  <6.19.4

References 3

  • git.kernel.org https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b
    Patch