CVE-2026-53141
MEDIUMdrm/v3d: Fix global performance monitor reference counting
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference count on the perfmon it returns, but v3d_perfmon_set_global_ioctl() and v3d_perfmon_delete() fail to release that reference on several paths: 1. v3d_perfmon_set_global_ioctl() leaks the reference on its error paths. 2. CLEAR_GLOBAL leaks both the find reference and the reference previously stashed in v3d->global_perfmon by the SET_GLOBAL ioctl that configured it. 3. Destroying a perfmon that is the current global perfmon leaks the reference stashed by the SET_GLOBAL ioctl. Release each of these references explicitly.
Scores
CVSS v3
5.5
EPSS
0.0012
EPSS Percentile
2.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (12)
linux/Kernel
6.14.0 - 6.18.36linux
linux/Kernel
6.19.0 - 7.0.13linux
Linux/Linux
< 6.14
Linux/Linux
6.14
Linux/Linux
6.18.36 - 6.18.*
Linux/Linux
7.0.13 - 7.0.*
Linux/Linux
7.1
Linux/Linux
c6eabbab359c156669e10d5dec3e71e80ff09bd2 - 3e1947573140a57119294f0bff39ee18d93f23e1
Linux/Linux
c6eabbab359c156669e10d5dec3e71e80ff09bd2 - 6bf7e2affc6e62da7add393d7f352d4040f5bc27
Linux/Linux
c6eabbab359c156669e10d5dec3e71e80ff09bd2 - ed2eaf3b7b1820b690e4b896d344e00027526a25
... and 2 more
Published
Jun 25, 2026
Tracked Since
Jun 25, 2026