CVE-2026-53141

MEDIUM

drm/v3d: Fix global performance monitor reference counting

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference count on the perfmon it returns, but v3d_perfmon_set_global_ioctl() and v3d_perfmon_delete() fail to release that reference on several paths: 1. v3d_perfmon_set_global_ioctl() leaks the reference on its error paths. 2. CLEAR_GLOBAL leaks both the find reference and the reference previously stashed in v3d->global_perfmon by the SET_GLOBAL ioctl that configured it. 3. Destroying a perfmon that is the current global perfmon leaks the reference stashed by the SET_GLOBAL ioctl. Release each of these references explicitly.

Scores

CVSS v3 5.5
EPSS 0.0012
EPSS Percentile 2.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (12)
linux/Kernel 6.14.0 - 6.18.36linux
linux/Kernel 6.19.0 - 7.0.13linux
Linux/Linux < 6.14
Linux/Linux 6.14
Linux/Linux 6.18.36 - 6.18.*
Linux/Linux 7.0.13 - 7.0.*
Linux/Linux 7.1
Linux/Linux c6eabbab359c156669e10d5dec3e71e80ff09bd2 - 3e1947573140a57119294f0bff39ee18d93f23e1
Linux/Linux c6eabbab359c156669e10d5dec3e71e80ff09bd2 - 6bf7e2affc6e62da7add393d7f352d4040f5bc27
Linux/Linux c6eabbab359c156669e10d5dec3e71e80ff09bd2 - ed2eaf3b7b1820b690e4b896d344e00027526a25
... and 2 more
Published Jun 25, 2026
Tracked Since Jun 25, 2026