Description
In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Disallow re-exporting imported GEM objects

Prevent re-exporting of imported GEM buffers by adding a custom
prime_handle_to_fd callback that checks if the object is imported
and returns -EOPNOTSUPP if so.

Re-exporting imported GEM buffers causes loss of buffer flags settings,
leading to incorrect device access and data corruption.
Published: 2026-05-21
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s accel/ivpu subsystem had a flaw that allowed callers to re‑export imported GEM buffers. Because the kernel did not reject this operation, the original buffer flag settings were lost, which caused the device to treat subsequent accesses to the buffer incorrectly and could lead to data corruption or improper permissions for the device traffic. The bug was addressed by adding a custom prime_handle_to_fd callback that checks whether the object was imported and returns -EOPNOTSUPP if it was, thereby preventing the re‑export.

Affected Systems

Affected systems: Any Linux kernel that includes the accel/ivpu driver and GEM buffer handling logic is potentially impacted. The NAO vendors list indicates Linux:Linux, and no specific version ranges are provided, meaning that any kernel built with this subsystem before the patch is affected.

Risk and Exploitability

EPSS data is not available and the vulnerability is not listed in CISA’s KEV catalog, so the exploitation probability cannot be quantified. The bug involves low‑level kernel buffer management, so exploitation would require interaction with the graphics or accelerated video subsystem, suggesting a local or privileged attack surface. While no CVSS score is supplied, the nature of the flaw indicates potential for data corruption and, by extension, possible privilege escalation, warranting a precautionary stance.

Generated by OpenCVE AI on May 21, 2026 at 13:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a release that includes the commit that disallows re‑exporting of imported GEM buffers
  • If an upgrade cannot be performed immediately, disable the accel/ivpu driver or other graphics components that may use GEM exports until the patch is applied
  • Monitor system logs for attempts to re‑export GEM buffers and set up alerts for such events to detect potential abuse

Generated by OpenCVE AI on May 21, 2026 at 13:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 21 May 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-265
CWE-284

Thu, 21 May 2026 12:30:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom prime_handle_to_fd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting imported GEM buffers causes loss of buffer flags settings, leading to incorrect device access and data corruption.
Title accel/ivpu: Disallow re-exporting imported GEM objects
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-21T12:17:48.550Z

Reserved: 2026-05-01T14:12:56.014Z

Link: CVE-2026-43498

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-21T13:16:19.200

Modified: 2026-05-21T13:16:19.200

Link: CVE-2026-43498

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-21T14:00:12Z

Weaknesses