CVE-2026-43395
Memory Leak in Linux Kernel DRM/XE Sync Subsystem
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's drm/xe/sync component. The function xe_sync_entry_parse() can allocate references such as syncobj, fence, chain fence, or user fence before encountering a failure later in the process. Some error paths return immediately without properly cleaning up, which results in partially initialized states and leaked references. The fix involves routing these error paths through a common cleanup routine to properly free resources before returning an error.
How can this vulnerability impact me? :
The vulnerability can lead to resource leaks in the Linux kernel due to partially initialized synchronization objects not being properly cleaned up on failure. This can cause increased memory usage or resource exhaustion over time, potentially degrading system performance or stability.