CVE-2026-31461
Received Received - Intake
Memory Leak in Linux Kernel amdgpu_dm DRM EDID Handling

Publication date: 2026-04-22

Last updated on: 2026-05-07

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix drm_edid leak in amdgpu_dm [WHAT] When a sink is connected, aconnector->drm_edid was overwritten without freeing the previous allocation, causing a memory leak on resume. [HOW] Free the previous drm_edid before updating it. (cherry picked from commit 52024a94e7111366141cfc5d888b2ef011f879e5)
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-22
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-04-22
EPSS Evaluated
2026-06-15
NVD
CVE-2026-31461
EUVD
EUVD-2026-24801
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.13 (inc) to 6.18.21 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.11 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's AMD GPU display driver (amdgpu_dm). When a display sink is connected, the drm_edid pointer in the connector structure was overwritten without freeing the previously allocated memory. This caused a memory leak during the resume process.

The issue was fixed by ensuring that the previous drm_edid allocation is freed before updating it with a new value.

Compliance Impact

The provided information does not specify any impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability can lead to a memory leak in the Linux kernel when using AMD GPU display drivers. Over time, this memory leak could cause increased memory usage, potentially leading to system instability or degraded performance, especially on systems that frequently suspend and resume.

Mitigation Strategies

The vulnerability is fixed by ensuring that the previous drm_edid allocation is freed before updating it in the amdgpu_dm driver. To mitigate this vulnerability, you should update your Linux kernel to a version that includes the fix for this issue.

  • Apply the kernel patch that fixes the drm_edid leak in the amdgpu_dm driver.
  • Upgrade your Linux kernel to the latest stable release that contains this fix.
  • Reboot the system after applying the update to ensure the fix is active.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-31461. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart