CVE-2026-46224
Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
28/05/2026
Última modificación:
10/06/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation failure<br />
<br />
When drm_gpuvm_resv_object_alloc() fails, the pre-allocated storage bo<br />
is not freed. Add xe_bo_free(storage) before returning the error.<br />
<br />
xe_dma_buf_init_obj() calls xe_bo_init_locked(), which frees the bo on<br />
error. Therefore, xe_dma_buf_init_obj() must also free the bo on its own<br />
error paths. Otherwise, since xe_gem_prime_import() cannot distinguish<br />
whether the failure originated from xe_dma_buf_init_obj() or from<br />
xe_bo_init_locked(), it cannot safely decide whether the bo should be<br />
freed.<br />
<br />
Add comments documenting the ownership semantics: on success, ownership<br />
of storage is transferred to the returned drm_gem_object; on failure,<br />
storage is freed before returning.<br />
<br />
v2: Add comments to explain the free logic.<br />
<br />
(cherry picked from commit 78a6c5f899f22338bbf48b44fb8950409c5a69b9)
Impacto
Puntuación base 3.x
5.50
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.18 (incluyendo) | 6.18.32 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (incluyendo) | 7.0.9 (excluyendo) |
| cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página



