CVE-2026-53213

A flaw was found in the Linux kernel's drm/vc4 component. This vulnerability occurs due to incorrect handling of the krealloc function's return value. If krealloc fails and returns a null value, the original pointer to allocated memory is overwritten without proper validation, leading to a memory...

CVE-2026-53213

CVE-2026-53213 affects the Linux kernel’s DRM VC4 path. The vulnerability is a memory-leak scenario in krealloc(): if krealloc() returns NULL, the original pointer may be overwritten, leaking the previously allocated memory. The advised fix uses a temporary variable to hold krealloc()’s return va...

EUVD-2026-39304

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: fix krealloc memory leak Don't just overwrite the original pointer passed to krealloc with its return value without checking latter: MEM = kreallocMEM, SZ, GFP; If krealloc returns NULL, that erases the pointer to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: The commit pointer of the HVS FIFO is cleared once the operation is completed. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait for previous FIFO users before committing” introduced a wait for the previous commit that was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Fixed deadlock issues during DSI device attachment The attachment of a DSI device to a DSI host is performed while the host device’s lock is held. Unregistering the host device in the “device attachment” error path...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Drop all currently held locks if a deadlock occurs. If vc4hdmiresetlink returns -EDEADLK, it means that a deadlock has occurred in the locking context. This issue should be addressed by dropping all currently held locks...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: The platformgetirqbyname function returns an integer. If an error occurs, platformgetirqbyname will return a negative value. Therefore, this value should be checked instead of being passed directly into...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Added the drmcrtccommitPut operation. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait on previous FIFO users before a commit” introduced a global state for the HVS, where each FIFO stores the current CRTC commit. This allow...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Do not check if plane-state-fb == state-fb Currently, when using non-blocking commits, the following kernel warnings can be observed: 110.908514 ------------ Cut here ------------ 110.908529 refcountt: Underflow; Use...

SUSE CVE-2026-43104

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...

SUSE CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43105

A flaw was found in the drm/vc4 component of the Linux kernel. This vulnerability is due to a memory leak where the Buffer Object BO array, allocated during a hang state, is not properly freed. A local attacker could exploit this by repeatedly triggering the hang state, leading to memory exhausti...

EUVD-2026-27620

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

EUVD-2026-27618

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...

CVE-2026-43072

A flaw was found in the drm/vc4 component of the Linux kernel. The platformgetirqbyname function, which returns an integer that can indicate an error, was not properly validated before being passed to devmrequestthreadedirq. This oversight in error handling could potentially lead to system...

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43104

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

CVE-2026-43104

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4savehangstate encounters an early return condition, it returns without freeing the previously allocated kernelstate, leaking memory. Add the missing kfree calls by...

SUSE CVE-2026-43072

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platformgetirqbyname returns an int platformgetirqbyname will return a negative value if an error happens, so it should be checked and not just passed directly into devmrequestthreadedirq hoping all will be ok...