CVE-2026-23430

MEDIUM

drm/vmwgfx: Don't overwrite KMS surface dirty tracker

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak.

References (3)

Scores

CVSS v3 5.5
EPSS 0.0001
EPSS Percentile 2.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-401
Status published
Products (12)
Linux/Linux < 6.16
Linux/Linux 6.16
Linux/Linux 6.18.20 - 6.18.*
Linux/Linux 6.19.10 - 6.19.*
Linux/Linux 7.0
Linux/Linux 7.0-rc5
Linux/Linux 965544150d1cadf0e8f5bb6c13c19697e46e1429 - 354c8bbf8d1e4aa61e580dbe160591feda504e4f
Linux/Linux 965544150d1cadf0e8f5bb6c13c19697e46e1429 - 3f300a41a3668095688aa4551214e8080829fa93
Linux/Linux 965544150d1cadf0e8f5bb6c13c19697e46e1429 - c6cb77c474a32265e21c4871c7992468bf5e7638
linux/linux_kernel 6.16
... and 2 more
Published Apr 03, 2026
Tracked Since Apr 03, 2026