Description
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: Fix a memory leak in hang state error path

When vc4_save_hang_state() encounters an early return condition, it
returns without freeing the previously allocated `kernel_state`,
leaking memory.

Add the missing kfree() calls by consolidating the early return paths
into a single place.
Published: 2026-05-06
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A memory leak was discovered in the vc4 driver of the Linux kernel. When the function that captures a hang state returns early, a previously allocated kernel memory block is never freed. If this path is triggered repeatedly, memory used by the driver can grow without bound, eventually exhausting system resources and causing the kernel to become unresponsive or crash. The vulnerability does not provide direct control over data or code execution, but it enables a local attacker to degrade or deny service by repeatedly inducing the leak.

Affected Systems

Any Linux system that includes the vc4 DRM driver in its kernel is affected. The vendor designation is Linux, and no specific kernel version range is provided in the available data, so all kernels that contain the unpatched code before the recent commit should be considered vulnerable.

Risk and Exploitability

The EPSS score is unavailable and the vulnerability is not listed in the CISA KEV catalog, suggesting that no widespread exploitation has been observed yet. Because the flaw requires interacting with the Vulkan or DRM subsystem to trigger the kernel path that leaks memory, the attack vector is likely a local privilege escalation or user-level kernel activity on systems with the VC4 driver enabled. While the CVSS score is not given, the potential impact of resource exhaustion means that, if exploited, the vulnerability could lead to a denial of service for legitimate users.

Generated by OpenCVE AI on May 6, 2026 at 12:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the fix from the referenced commits
  • If the kernel cannot be updated immediately, disable the vc4 module (e.g., add "blacklist vc4" to /etc/modprobe.d/blacklist.conf) to prevent the vulnerable driver from loading
  • If updating or disabling is not feasible, apply a custom kernel patch that adds the missing kfree() calls according to the provided commit diffs, then rebuild and install the patched kernel

Generated by OpenCVE AI on May 6, 2026 at 12:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 09:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4_save_hang_state() encounters an early return condition, it returns without freeing the previously allocated `kernel_state`, leaking memory. Add the missing kfree() calls by consolidating the early return paths into a single place.
Title drm/vc4: Fix a memory leak in hang state error path
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-06T07:40:33.036Z

Reserved: 2026-05-01T14:12:55.984Z

Link: CVE-2026-43104

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-06T10:16:23.980

Modified: 2026-05-06T10:16:23.980

Link: CVE-2026-43104

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T12:15:03Z

Weaknesses

No weakness.