VYPR
Medium severity5.5NVD Advisory· Published May 8, 2026· Updated May 21, 2026

CVE-2026-43396

CVE-2026-43396

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/sync: Fix user fence leak on alloc failure

When dma_fence_chain_alloc() fails, properly release the user fence reference to prevent a memory leak.

(cherry picked from commit a5d5634cde48a9fcd68c8504aa07f89f175074a0)

Affected products

8
  • Linux/Kernel7 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.18.1,<6.18.20
    • cpe:2.3:o:linux:linux_kernel:6.18:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.18:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.18:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:6.18:rc7:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.

CVE-2026-43396 · Medium · VYPR