Impact
In 2026, a use‑after‑free flaw was handling path of the Linux kernel. The bug arises when the buffer object is freed during an error path and later retried, causing access to a freed object and potential kernel memory corruption., but the description does not specify privilege escalation or arbitrary code execution.
Affected Systems
Linux kernels that do not contain commit 4796694, the change that allocates and initializes the buffer before attachment, remain vulnerable. Versions prior to the inclusion of this commit in major distributions are at risk; any custom kernels lacking the fix should be examined.
Risk and Exploitability
Classified as a use‑after‑free and a data‑synchronization error (CWE‑825), the vulnerability carries a CVSS score of 7.8. The EPSS score is below 1% and the vulnerability is not listed in CISA’s KEV catalog. While no public exploitation is documented, an attacker would need to trigger the specific error condition in the DRM subsystem, which typically requires a driver or root-level interaction.
OpenCVE Enrichment