CVE-2026-23421

drm/xe/configfs: Free ctx_restore_mid_bb in release

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctx_restore_mid_bb in release ctx_restore_mid_bb memory is allocated in wa_bb_store(), but xe_config_device_release() only frees ctx_restore_post_bb. Free ctx_restore_mid_bb[0].cs as well to avoid leaking the allocation when the configfs device is removed. (cherry picked from commit a235e7d0098337c3f2d1e8f3610c719a589e115f)

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/7f971dfd48983074adc7bbcea3ee95ce7aad47cb

https://git.kernel.org/stable/c/3557359ea3df32430ea7c30f7a708ca9a91d7e0e

https://git.kernel.org/stable/c/e377182f0266f46f02d01838e6bde67b9dac0d66

Scores

EPSS 0.0001

EPSS Percentile 3.4%

Details

Status published

Products (9)

Linux/Linux < 6.18

Linux/Linux 6.18

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

Linux/Linux 7.0

Linux/Linux 7.0-rc3

Linux/Linux b30d5de3d40c3fa642079bac0d91f17091c5f877 - 3557359ea3df32430ea7c30f7a708ca9a91d7e0e

Linux/Linux b30d5de3d40c3fa642079bac0d91f17091c5f877 - 7f971dfd48983074adc7bbcea3ee95ce7aad47cb

Linux/Linux b30d5de3d40c3fa642079bac0d91f17091c5f877 - e377182f0266f46f02d01838e6bde67b9dac0d66

Published Apr 03, 2026

Tracked Since Apr 03, 2026