Description
In the Linux kernel, the following vulnerability has been resolved:

drm/virtio: Fix driver removal with disabled KMS

DRM atomic and modesetting aren't initialized if virtio-gpu driver built
with disabled KMS, leading to access of uninitialized data on driver
removal/unbinding and crashing kernel. Fix it by skipping shutting down
atomic core with unavailable KMS.
Published: 2026-07-01
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A defect in the Linux virtio-gpu DRM driver causes the driver to access data that has never been initialized when the kernel mode setting (KMS) feature is disabled. The uninitialized pointer is dereferenced during driver removal or unbinding, resulting in a kernel panic that brings the system down. This flaw effectively makes the host unavailable for legitimate users and can be leveraged by an attacker to trigger a denial‑of‑service. The weakness is an instance of improper initialization leading to uninitialized data usage.

Affected Systems

All Linux kernel builds that include the virtio-gpu driver compiled with KMS disabled are affected. Since the commit that removes the shutdown of the atomic core when KMS is unavailable is not present in earlier kernels, any kernel version prior to that commit is potentially vulnerable. The vulnerability is not tied to a narrow version range and applies across distributions, as indicated by the generic Linux kernel CPE string.

Risk and Exploitability

The lack of an EPSS score and the exemption from the CISA KEV catalog indicate that no widespread exploitation is documented. However, the impact of a kernel crash is severe. The flaw is presumably exploitable only by processes that can load and unload kernel modules or influence device binding, which typically requires privileged or root access. An attacker with such privileges could intentionally unload the virtio-gpu driver while KMS is disabled to force a system reboot. Although no public exploit exists, the severity of the crash warrants prompt remediation.

Generated by OpenCVE AI on July 1, 2026 at 21:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to a Linux kernel version that includes the commit adding the guard to skip atomic core shutdown when KMS is disabled.
  • If a kernel upgrade cannot be performed immediately, avoid unloading or unbinding the virtio-gpu driver while KMS is disabled; keep the driver loaded or disable it permanently in the firmware configuration.
  • Rebuild the kernel or load the virtio-gpu module with KMS enabled so that the atomic modesetting component is initialized before removal.

Generated by OpenCVE AI on July 1, 2026 at 21:17 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 21:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-457

Wed, 01 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel. Fix it by skipping shutting down atomic core with unavailable KMS.
Title drm/virtio: Fix driver removal with disabled KMS
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-07-01T13:32:26.262Z

Reserved: 2026-06-09T07:44:35.399Z

Link: CVE-2026-53347

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T21:30:16Z

Weaknesses
  • CWE-457

    Use of Uninitialized Variable