Description
In the Linux kernel, the following vulnerability has been resolved:

drm/gud: fix NULL fb and crtc dereferences on USB disconnect

On disconnect drm_atomic_helper_disable_all() is called which
sets both the fb and crtc for a plane to NULL before invoking a commit.

This causes a kernel oops on every display disconnect.

Add guards for those dereferences.
Published: 2026-01-31
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Kernel Crash (Denial of Service)
Action: Patch Kernel
AI Analysis

Impact

The Linux kernel contains a NULL pointer dereference in the GUD DRM driver that is triggered when a USB display device is disconnected. During the disconnect sequence, the kernel sets the plane's framebuffer (fb) and CRTC pointers to NULL before a commit operation, and the subsequent dereference causes a kernel oops. The kernel becomes unstable and crashes, interrupting all processes and rendering the system inoperable until a reboot.

Affected Systems

This issue affects any Linux kernel build that compiles the GUD DRM module before the fix was committed. The specific kernel versions affected are not listed in the advisory, so any kernel released before the patch must be considered vulnerable until it is updated to a version that includes the change.

Risk and Exploitability

The CVSS score of 5.5 indicates medium severity. The EPSS score of less than 1% suggests the likelihood of exploitation is low, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is likely local: a user or process that causes a USB display device to disconnect can trigger the crash. An attacker with the ability to manipulate or force USB disconnect events could cause denial of service on the affected host.

Generated by OpenCVE AI on April 18, 2026 at 00:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a patched release that incorporates the GUD DRM NULL dereference fix.
  • Reboot the system to ensure the new kernel is running.
  • If an immediate kernel update is not possible, avoid disconnecting USB display devices or use a hardware solution to prevent unintended disconnects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 01:15:00 +0000

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-476

Mon, 02 Feb 2026 12:15:00 +0000

Type: References

Type: Metrics
Values Removed: threat_severity: None
Values Added: cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}; threat_severity: Low


Sat, 31 Jan 2026 12:00:00 +0000

Type: Description
Values Added: In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drm_atomic_helper_disable_all() is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every display disconnect. Add guards for those dereferences.

Type: Title
Values Added: drm/gud: fix NULL fb and crtc dereferences on USB disconnect

Type: First Time appeared
Values Added: Linux; Linux linux Kernel

Type: CPEs
Values Added: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Linux; Linux linux Kernel

Type: References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-02-09T08:37:34.029Z

Reserved: 2026-01-13T15:37:45.943Z

Link: CVE-2026-23039

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-01-31T12:16:07.213

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-23039

Redhat

Severity: Low

Public Date: 2026-01-31T00:00:00Z

Links: CVE-2026-23039 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-18T01:00:11Z

Weaknesses