CVE-2026-45980

HIGH

accel/amdxdna: Stop job scheduling across aie2_release_resource()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960

https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15

https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b

Scores

CVSS v3 7.8

EPSS 0.0012

EPSS Percentile 2.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-416

Status published

Products (11)

Linux/Linux < 6.15

Linux/Linux 36f781a3f0deac92f169416997a17e73538cf470

Linux/Linux 4fd6ca90fc7f509977585d39885f21b2911123f3 - 688c3ff079b10e4600f040944430d3d4ff448a15

Linux/Linux 4fd6ca90fc7f509977585d39885f21b2911123f3 - b79d31dce49b50c79620389b3639280802a86960

Linux/Linux 4fd6ca90fc7f509977585d39885f21b2911123f3 - f1370241fe8045702bc9d0812b996791f0500f1b

Linux/Linux 6.14.9 - 6.15

Linux/Linux 6.15

Linux/Linux 6.18.14 - 6.18.*

Linux/Linux 6.19.4 - 6.19.*

Linux/Linux 7.0

... and 1 more

Published May 27, 2026

Tracked Since May 27, 2026