CVE-2026-43105
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/05/2026
Last modified:
11/05/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/vc4: Fix memory leak of BO array in hang state<br />
<br />
The hang state&#39;s BO array is allocated separately with kzalloc() in<br />
vc4_save_hang_state() but never freed in vc4_free_hang_state(). Add the<br />
missing kfree() for the BO array before freeing the hang state struct.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.5 (including) | 6.6.136 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.83 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.24 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0d3c014a84396a147705f523a8fd6fc873e76502
- https://git.kernel.org/stable/c/421cea4f71f7cf65abaae878562ee4aa2b684628
- https://git.kernel.org/stable/c/a812008fe3a0aebb778d277b35717f64e23d0302
- https://git.kernel.org/stable/c/b8138567c4a80fd76a647849ebd4284996cf4b17
- https://git.kernel.org/stable/c/f4dfd6847b3e5d24e336bca6057485116d17aea4