Description
In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Don't overwrite KMS surface dirty tracker

We were overwriting the surface's dirty tracker here causing a memory leak.
Published: 2026-04-03
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via memory exhaustion
Action: Apply Patch
AI Analysis

Impact

The Linux kernel’s drm/vmwgfx driver contains a flaw that overwrites a KMS surface dirty tracker each time a surface is refreshed, discarding otherwise freed memory and causing a memory leak. This gradual exhaustion of system RAM can lead to instability or crashes, effectively denying service. Based on the description, the likely attack vector is a local process that can invoke vmwgfx operations, such as a privileged user or graphics application.

Affected Systems

Affected systems include any Linux kernel that incorporates the vmwgfx DRM module and has not yet received the upstream fix. The vulnerability applies broadly across distributions that ship the default kernel build with the vmwgfx driver, regardless of specific release version, until a patched kernel is installed.

Risk and Exploitability

Formal CVSS or EPSS metrics are not available, so a precise numerical risk assessment cannot be provided. The weakness requires local access to the graphics driver, suggesting that privilege escalation or local persistence may be necessary for exploitation. Once the memory threshold is surpassed, the impact is a denial of service through RAM exhaustion. The vulnerability is not listed in the CISA KEV catalog and does not provide privilege escalation or remote code execution. Therefore, the exploitation risk is considered moderate, with a clear path to denial of service under favorable conditions.

Generated by OpenCVE AI on April 3, 2026 at 18:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the vmwgfx patch from the vendor repository.
  • Reboot the system after applying the patch to clear any stale allocations.
  • Monitor memory usage and system logs to verify that the leak no longer occurs.

Generated by OpenCVE AI on April 3, 2026 at 18:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 04 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-911
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Fri, 03 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 03 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak.
Title drm/vmwgfx: Don't overwrite KMS surface dirty tracker
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-03T15:15:16.687Z

Reserved: 2026-01-13T15:37:46.016Z

Link: CVE-2026-23430

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-03T16:16:24.357

Modified: 2026-04-03T16:16:24.357

Link: CVE-2026-23430

cve-icon Redhat

Severity : Low

Publid Date: 2026-04-03T00:00:00Z

Links: CVE-2026-23430 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T21:16:21Z

Weaknesses