VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Apr 3, 2026· Updated Apr 24, 2026

CVE-2026-23418

CVE-2026-23418

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/reg_sr: Fix leak on xa_store failure

Free the newly allocated entry when xa_store() fails to avoid a memory leak on the error path.

v2: use goto fail_free. (Bala)

(cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory leak in the Linux kernel's DRM/XE driver occurs when xa_store() fails, allowing local denial of service.

Vulnerability

CVE-2026-23418 is a memory leak vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem for Intel Xe graphics (drm/xe/reg_sr. The bug occurs in the register save/restore (reg_sr) code path when the xa_store() function fails to insert an entry into an XArray fails. In such a failure case, the newly allocated entry is not freed, leading to a memory leak [1][2][3].

Exploitation

An attacker with local access to the system and the ability to trigger the vulnerable code path (e.g., by performing certain graphics operations that cause xa_store() to fail) can exploit this issue. No special privileges beyond local user access are required, as the vulnerability is in a kernel driver that can be reached from user space via DRM ioctls. The attack surface is limited to local, and the prerequisite is that the system uses the Intel Xe graphics driver.

Impact

Successful exploitation results in a gradual memory leak, which can eventually lead to system instability or denial of service denial (DoS) due to memory exhaustion. The CVSS v3 score of 5.5 (Medium) reflects the local attack vector and the potential for availability impact.

Mitigation

The fix was introduced in the Linux kernel commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb, which frees the allocated entry on the error path using a goto fail_free pattern. Users should apply the latest stable kernel updates to address this vulnerability [1][2][3].

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

10
  • Linux/Kernel10 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.14.1,<6.18.17
    • cpe:2.3:o:linux:linux_kernel:6.14:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
    • (no CPE)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.