CVE-2026-23366

drm/client: Do not destroy NULL modes

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drm_client_modeset_probe may fail to kcalloc. If this occurs, we jump to 'out', calling modes_destroy on it, which dereferences it. This may result in a NULL pointer dereference in the error case. Prevent that.

References (3)

Scores

EPSS 0.0002
EPSS Percentile 5.8%

Details

Status published
Products (8)
Linux/Linux < 6.16
Linux/Linux 3039cc0c0653c6e15130a8719c3237329a954670 - 4e3ca5f82346cc23c0a71f1ceb006115ff6b0745
Linux/Linux 3039cc0c0653c6e15130a8719c3237329a954670 - 9aa3e33f0c7f2679ac599a09e3102c8f716a6321
Linux/Linux 3039cc0c0653c6e15130a8719c3237329a954670 - c601fd5414315fc515f746b499110e46272e7243
Linux/Linux 6.16
Linux/Linux 6.18.17 - 6.18.*
Linux/Linux 6.19.7 - 6.19.*
Linux/Linux 7.0-rc2
Published Mar 25, 2026
Tracked Since Mar 25, 2026