CVE-2026-53140
Received Received - Intake
Memory Leak in Linux Kernel V3D Driver

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix vaddr leak when indirect CSD has zeroed workgroups v3d_rewrite_csd_job_wg_counts_from_indirect() maps both the indirect buffer and the workgroup buffer and is expected to release them before returning. When any of the workgroup counts read from the buffer is zero, the function bailed out early and skipped the cleanup, leaking the vaddr mappings of both BOs. Jump to the cleanup path instead of returning directly, so the mappings are always dropped.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-25
AI Q&A
2026-06-25
EPSS Evaluated
N/A
NVD
CVE-2026-53140
EUVD
EUVD-2026-39231
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's drm/v3d component. Specifically, the function v3d_rewrite_csd_job_wg_counts_from_indirect() maps two buffers: an indirect buffer and a workgroup buffer. It is supposed to release these mappings before returning. However, if any of the workgroup counts read from the buffer is zero, the function exits early and skips the cleanup process, causing a leak of the virtual address (vaddr) mappings of both buffer objects (BOs). The fix ensures that the cleanup path is always executed, preventing the leak.

Impact Analysis

This vulnerability can lead to a resource leak in the Linux kernel, specifically leaking virtual address mappings of certain buffers. Over time, this could cause increased memory usage or exhaustion of address space, potentially leading to degraded system performance or instability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53140. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart