CVE-2026-45908 - Vulnerability Details

- accel/amdxdna: Fix memory leak in amdxdna_ubuf_map

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix memory leak in amdxdna_ubuf_map

The amdxdna_ubuf_map() function allocates memory for sg and
internal sg table structures, but it fails to free them if subsequent
operations (sg_alloc_table_from_pages or dma_map_sgtable) fail.

Published: 2026-05-27

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The kernel function accel/amdxdna:amdxdna_ubuf_map allocates scatter‑gather structures but fails to free them when subsequent allocation or mapping calls fail, causing a memory leak that can grow until the system exhausts available memory and becomes unstable or refuses to service new requests. This is a classic example of a memory leak (CWE-401) compounded by unchecked error handling (CWE-672).

Affected Systems

The vulnerability affects the Linux operating system kernel. No specific kernel versions are listed in the advisory, so any kernel that contains the amdxdna driver before the applied fix may be impacted.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. The most likely attack vector would require local kernel access or elevated privileges that can trigger the amdxdna driver’s mapping functions. Because the flaw is only triggered when allocation or mapping operations fail, the conditions for exploitation are somewhat constrained, which reduces the overall threat level but still enables the possibility of a denial of service if an attacker can force repeated failures. The risk is therefore moderate but should be mitigated promptly.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`bd72d4acda1069579b35123e3cc0b21ec1193a21`	affected	< 5a68d2c99c859e6e8e36fa4e32749abf6d1fb66a
`bd72d4acda1069579b35123e3cc0b21ec1193a21`	affected	< f9f4366d2ff93b07c2571561c776bd9a708078c3
`bd72d4acda1069579b35123e3cc0b21ec1193a21`	affected	< 84dd57fb0359500092f1101409ca32091731490d

Linux

affected

Version	Status	Constraints
`6.18`	affected	—
`0`	unaffected	< 6.18
`6.18.14`	unaffected	≤ 6.18.*
`6.19.4`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[bd72d4acda1069579b35123e3cc0b21ec1193a21,5a68d2c99c859e6e36fa4e32749abf6d1fb66a)`	affected	code_commit	—
`[bd72d4acda1069579b35123e3cc0b21ec1193a21,f9f4366d2ff93b07c2571561c776bd9a708078c3)`	affected	code_commit	—
`[bd72d4acda1069579b35123e3cc0b21ec1193a21,84dd57fb0359500092f1101409ca32091731490d)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.18`	affected	generic	—
`[0,6.18)`	unaffected	generic	—
`[6.18.14,6.19.0)`	unaffected	generic	—
`[6.19.4,6.20.0)`	unaffected	generic	—
`[7.0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade the Linux kernel to a version that incorporates the amdxdna_ubuf_map memory‑leak fix
Monitor the system’s memory usage frequently, looking for abnormal growth in RAM consumption or SWAP usage that might indicate an unresolved leak
If an immediate kernel upgrade is not possible, consider disabling or limiting the use of AMD XDNA acceleration features to reduce the likelihood of triggering the affected code path

Generated by OpenCVE AI on May 27, 2026 at 16:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/5a68d2c99c859e6e8e36fa4e32749abf6d1fb66a
https://git.kernel.org/stable/c/84dd57fb0359500092f1101409ca32091731490d
https://git.kernel.org/stable/c/f9f4366d2ff93b07c2571561c776bd9a708078c3

History

Wed, 27 May 2026 17:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401 CWE-672

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdna_ubuf_map The amdxdna_ubuf_map() function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations (sg_alloc_table_from_pages or dma_map_sgtable) fail.
Title		accel/amdxdna: Fix memory leak in amdxdna_ubuf_map
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/5a68d2c99c859e6e8e36fa4e32749abf6d1fb66a https://git.kernel.org/stable/c/84dd57fb0359500092f1101409ca32091731490d https://git.kernel.org/stable/c/f9f4366d2ff93b07c2571561c776bd9a708078c3

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:17:22.048Z

Updated: 2026-05-27T12:17:22.048Z

Reserved: 2026-05-13T15:03:33.084Z

Link: CVE-2026-45908

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:05.350

Modified: 2026-05-27T14:48:31.480

Link: CVE-2026-45908

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T18:30:26Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object