CVE-2026-43202 - Vulnerability Details

- fbdev: vt8500lcdfb: fix missing dma_free_coherent()

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: vt8500lcdfb: fix missing dma_free_coherent()

fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not
freed if the error path is reached.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The Linux kernel framebuffer driver vt8500lcdfb allocates a screen buffer using dma_alloc_coherent(), but the allocated memory is not freed when an error occurs during initialization. This oversight results in a memory leak that persists at kernel level until the driver is reloaded or the system is rebooted. The flaw does not provide an attacker with direct code execution, privilege escalation, or information disclosure, but it can gradually consume kernel‑level memory resources.

Affected Systems

The issue is confined to the Linux kernel and the vt8500lcdfb framebuffer driver. Specific kernel versions are not enumerated in the provided data; affected systems are those running a kernel build that includes this driver and that have not yet incorporated the upstream patch that adds dma_free_coherent() to the error path.

Risk and Exploitability

No CVSS, EPSS, or KEV information is available, indicating the vulnerability is not currently exploited in the wild. Exploitation requires local or privileged access to trigger the driver’s error path, making the attack vector limited to systems that load the vt8500lcdfb driver and experience a frequent initialization failure. The overall risk is low but the flaw can lead to degraded performance or denial of service through resource exhaustion over time.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 9a9bc60ed372aaae9784ff8ad8e5f496ff15fd31
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 9c3873cccb3fab54cde0605ae7093d332c99073e
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 778f31be5b8c10024db23fdd8a05f68a02311008
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< e8c5d5f6cd66e032f9aefdcc21b0c34761aef78a
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< f47d5b9e8aa6178a0aaf225119ad1ec7d3f49876
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 40c1ff25025150ff6d7ec7ad441fcfd6d070ee76
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 2cd2f988a8bd2da227f5c3cfa0cbf3a9a287ddc3
`e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4`	affected	< 88b3b9924337336a31cefbe99a22ed09401be74a

Linux

affected

Version	Status	Constraints
`3.7`	affected	—
`0`	unaffected	< 3.7
`5.10.252`	unaffected	≤ 5.10.*
`5.15.202`	unaffected	≤ 5.15.*
`6.1.165`	unaffected	≤ 6.1.*
`6.6.128`	unaffected	≤ 6.6.*
`6.12.75`	unaffected	≤ 6.12.*
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,9a9bc60ed372aaae9784ff8ad8e5f496ff15fd31)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,9c3873cccb3fab54cde0605ae7093d332c99073e)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,778f31be5b8c10024db23fdd8a05f68a02311008)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,e8c5d5f6cd66e032f9aefdcc21b0c34761aef78a)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,f47d5b9e8aa6178a0aaf225119ad1ec7d3f49876)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,40c1ff25025150ff6d7ec7ad441fcfd6d070ee76)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,2cd2f988a8bd2da227f5c3cfa0cbf3a9a287ddc3)`	affected	code_commit	—
`[e7b995371fe1e29838321fcdc3cfe35bb0d6bfc4,88b3b9924337336a31cefbe99a22ed09401be74a)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`3.7`	affected	generic	—
`[0,3.7)`	unaffected	generic	—
`[5.10.252,5.11.0)`	unaffected	semver	—
`[5.15.202,5.16.0)`	unaffected	semver	—
`[6.1.165,6.2.0)`	unaffected	semver	—
`[6.6.128,6.7.0)`	unaffected	semver	—
`[6.12.75,6.13.0)`	unaffected	semver	—
`[6.18.16,6.19.0)`	unaffected	semver	—
`[6.19.6,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the Linux kernel to a release that contains the vt8500lcdfb fix for dma_free_coherent() in the error path
If running a custom or upstream kernel, apply the commit or patch that adds the missing dma_free_coherent() call to the error handling code
If a kernel upgrade cannot be performed immediately, disable or unload the vt8500lcdfb framebuffer driver via modprobe or by removing the module from the boot configuration to stop the memory leak until a patched kernel is available

Generated by OpenCVE AI on May 6, 2026 at 14:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/2cd2f988a8bd2da227f5c3cfa0cbf3a9a287ddc3
https://git.kernel.org/stable/c/40c1ff25025150ff6d7ec7ad441fcfd6d070ee76
https://git.kernel.org/stable/c/778f31be5b8c10024db23fdd8a05f68a02311008
https://git.kernel.org/stable/c/88b3b9924337336a31cefbe99a22ed09401be74a
https://git.kernel.org/stable/c/9a9bc60ed372aaae9784ff8ad8e5f496ff15fd31
https://git.kernel.org/stable/c/9c3873cccb3fab54cde0605ae7093d332c99073e
https://git.kernel.org/stable/c/e8c5d5f6cd66e032f9aefdcc21b0c34761aef78a
https://git.kernel.org/stable/c/f47d5b9e8aa6178a0aaf225119ad1ec7d3f49876

History

Wed, 06 May 2026 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: fbdev: vt8500lcdfb: fix missing dma_free_coherent() fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed if the error path is reached.
Title		fbdev: vt8500lcdfb: fix missing dma_free_coherent()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2cd2f988a8bd2da227f5c3cfa0cbf3a9a287ddc3 https://git.kernel.org/stable/c/40c1ff25025150ff6d7ec7ad441fcfd6d070ee76 https://git.kernel.org/stable/c/778f31be5b8c10024db23fdd8a05f68a02311008 https://git.kernel.org/stable/c/88b3b9924337336a31cefbe99a22ed09401be74a https://git.kernel.org/stable/c/9a9bc60ed372aaae9784ff8ad8e5f496ff15fd31 https://git.kernel.org/stable/c/9c3873cccb3fab54cde0605ae7093d332c99073e https://git.kernel.org/stable/c/e8c5d5f6cd66e032f9aefdcc21b0c34761aef78a https://git.kernel.org/stable/c/f47d5b9e8aa6178a0aaf225119ad1ec7d3f49876

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:28:08.226Z

Updated: 2026-05-06T11:28:08.226Z

Reserved: 2026-05-01T14:12:55.992Z

Link: CVE-2026-43202

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:39.347

Modified: 2026-05-06T13:07:51.607

Link: CVE-2026-43202

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T17:00:05Z

Weaknesses

CWE-401

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object