CVE-2026-23466

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/xe: Open-code GGTT MMIO access protection<br /> <br /> GGTT MMIO access is currently protected by hotplug (drm_dev_enter),<br /> which works correctly when the driver loads successfully and is later<br /> unbound or unloaded. However, if driver load fails, this protection is<br /> insufficient because drm_dev_unplug() is never called.<br /> <br /> Additionally, devm release functions cannot guarantee that all BOs with<br /> GGTT mappings are destroyed before the GGTT MMIO region is removed, as<br /> some BOs may be freed asynchronously by worker threads.<br /> <br /> To address this, introduce an open-coded flag, protected by the GGTT<br /> lock, that guards GGTT MMIO access. The flag is cleared during the<br /> dev_fini_ggtt devm release function to ensure MMIO access is disabled<br /> once teardown begins.<br /> <br /> (cherry picked from commit 4f3a998a173b4325c2efd90bdadc6ccd3ad9a431)