Description
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: fix krealloc() memory leak

Don't just overwrite the original pointer passed to krealloc()
with its return value without checking latter:

MEM = krealloc(MEM, SZ, GFP);

If krealloc() returns NULL, that erases the pointer
to the still allocated memory, hence leaks this memory.
Instead, use a temporary variable, check it's not NULL
and only then assign it to the original pointer:

TMP = krealloc(MEM, SZ, GFP);
if (!TMP) return;
MEM = TMP;

While on it, use krealloc_array().
Published: 2026-06-25
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The driver incorrectly assigns the result of krealloc to the original pointer without checking if the call returned NULL, destroying the reference to the previously allocated memory and leaking that memory block. This is an Incorrect Check of Return Value (CWE‑253) vulnerability that, if repeatedly exploited, can exhaust system memory andservice. The vulnerability is limited to availability, as memory exhaustion can cause denial‑of‑service.

Affected Systems

The flaw exists in the Linux kernel’s DRM driver for the VC4 GPU. Any Linux system running a kernel version that includes the legacy drm/vc4 driver without the patch is affected. The patch is referenced by commit identifiers; versions are not enumerated.

Risk and Exploitability

No CVSS score is provided, but the EPSS score indicates a probability of less than 1%, and the vulnerability is not listed in the CISA KEV catalog. Inferred attack vector would be local kernel exploitation, as an attacker must trigger the faulty krealloc path within the DRM driver, which does not provide arbitrary code execution. The risk is primarily denial‑of‑service via memory exhaustion can interact with the driver.

Generated by OpenCVE AI on June 26, 2026 at 17:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a kernel update that includes the patch referenced by the provided commit URLs
  • Reboot the system after updating to ensure the patched driver is loaded
  • Monitor system memory usage and GPU activity for signs of memory leakage

Generated by OpenCVE AI on June 26, 2026 at 17:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4665-1 linux security update
Debian DLA Debian DLA DLA-4671-1 linux-6.1 security update
History

Fri, 26 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 26 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-253
References
Metrics threat_severity

None

threat_severity

Moderate


Thu, 25 Jun 2026 11:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 25 Jun 2026 09:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/vc4: fix krealloc() memory leak Don't just overwrite the original pointer passed to krealloc() with its return value without checking latter: MEM = krealloc(MEM, SZ, GFP); If krealloc() returns NULL, that erases the pointer to the still allocated memory, hence leaks this memory. Instead, use a temporary variable, check it's not NULL and only then assign it to the original pointer: TMP = krealloc(MEM, SZ, GFP); if (!TMP) return; MEM = TMP; While on it, use krealloc_array().
Title drm/vc4: fix krealloc() memory leak
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-25T08:39:17.552Z

Reserved: 2026-06-09T07:44:35.392Z

Link: CVE-2026-53213

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-25T00:00:00Z

Links: CVE-2026-53213 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T18:00:06Z

Weaknesses
  • CWE-253

    Incorrect Check of Function Return Value