Description
In the Linux kernel, the following vulnerability has been resolved:

drm/xe/reg_sr: Fix leak on xa_store failure

Free the newly allocated entry when xa_store() fails to avoid a memory
leak on the error path.

v2: use goto fail_free. (Bala)

(cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb)
Published: 2026-04-03
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Memory Leak leading to potential resource exhaustion
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a memory leak in the DRM Xe component of the Linux kernel. When the xa_store operation fails, the newly allocated data structure is not released, allowing an attacker to repeatedly allocate memory until the system is exhausted. This flaw can lead to degraded performance or a crash, but it does not grant direct code execution or privilege escalation. It falls under CWE‑772 (Missing Release in Critical Path).
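The error path described above, as a user-space model added here (it is not the xe driver's code or the upstream patch). The fixed pool, `entry_alloc`, `table_store`, `add_leaky` and `add_fixed` are assumed names; `table_store` stands in for `xa_store()` and a constructed failure condition replaces a real allocation failure.

```c
#include <errno.h>
#include <stddef.h>
/* User-space model, not xe driver code; every name here is hypothetical. */
enum { POOL = 8, SLOTS = 4 };
static struct entry { unsigned int reg; int in_use; } pool[POOL], *table[SLOTS];
static int live, stored;   /* entries allocated; entries the table owns */
static int leaked(void) { return live - stored; }

static struct entry *entry_alloc(unsigned int reg)
{
    for (int i = 0; i < POOL; i++)
        if (!pool[i].in_use) {
            pool[i] = (struct entry){ .reg = reg, .in_use = 1 };
            live++;
            return &pool[i];
        }
    return NULL;
}
static void entry_free(struct entry *e) { e->in_use = 0; live--; }
/* Stand-in for xa_store(): fails when idx is out of range or occupied. */
static int table_store(unsigned int idx, struct entry *e)
{
    if (idx >= SLOTS || table[idx])
        return -ENOMEM;
    table[idx] = e;
    stored++;
    return 0;
}

/* Pre-fix shape: a store failure returns without releasing the entry. */
static int add_leaky(unsigned int idx, unsigned int reg)
{
    struct entry *e = entry_alloc(reg);
    return e ? table_store(idx, e) : -ENOMEM;   /* failure: nothing owns e */
}

/* Post-fix shape: a store failure jumps to a label that frees the entry. */
static int add_fixed(unsigned int idx, unsigned int reg)
{
    struct entry *e = entry_alloc(reg);
    if (!e)
        return -ENOMEM;
    int ret = table_store(idx, e);
    if (ret)
        goto fail_free;
    return 0;
fail_free:
    entry_free(e);
    return ret;
}
```

Each failed `add_leaky` call permanently consumes one pool entry, so enough failures make later, otherwise valid insertions fail; `add_fixed` leaves the pool unchanged on failure.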

Affected Systems

All Linux kernel releases that include the drm/xe/reg_sr subsystem without the fix are affected. The patch implementing the fix is present from kernel commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb forward, so any kernel built from upstream Linux before that commit is vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, reflecting that while the flaw does not compromise confidentiality or integrity, it can affect availability by exhausting memory resources. The EPSS score is less than 1% and the vulnerability is not listed in the CISA KEV catalog, suggesting a low likelihood of exploitation. The attack requires privileged access to trigger DRM Xe operations, typically achievable by local users with graphics rendering capabilities or applications running in privileged containers. Given the requirement for kernel-level interaction and the low exploitation probability, the risk is moderate, but regular monitoring and prompt patching are recommended.

Generated by OpenCVE AI on April 7, 2026 at 09:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel patch that implements commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb, which frees the allocated entry on xa_store failure.
  • Upgrade to a kernel version that includes this fix if a direct patch is not available.
  • Verify kernel stability after the update in a staging environment before deploying to production.



Advisories

No advisories yet.

History

Tue, 07 Apr 2026 08:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Sat, 04 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Fri, 03 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 03 Apr 2026 14:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Fix leak on xa_store failure Free the newly allocated entry when xa_store() fails to avoid a memory leak on the error path. v2: use goto fail_free. (Bala) (cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb)
Title drm/xe/reg_sr: Fix leak on xa_store failure
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-03T13:24:22.572Z

Reserved: 2026-01-13T15:37:46.014Z

Link: CVE-2026-23418

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-04-03T14:16:27.713

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-23418

Redhat

Severity: Low

Public Date: 2026-04-03T00:00:00Z

Links: CVE-2026-23418 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-08T19:54:18Z

Weaknesses