3 matches found
CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...
CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...
PT-2026-51844
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists within the drm/xe/dma-buf component. The flaw occurs in a retry loop where a buffer object is freed upon an error, allowing subsequent access to the fre...