CVE-2026-52950

Enriched by CISA
 

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init do the alloc for us. This should make the retry safe. Reported by Sashiko. v2: Fix up the error unwind (CI) (cherry picked from commit 479669418253e0f27f8cf5db01a731352ea592e7)
https://nvd.nist.gov/vuln/detail/CVE-2026-52950

Categories

No category defined

References


 

AFFECTED (from MITRE)

Vendor Product Versions
Linux Linux
  • eb289a5f6cc668853f9b2ea6aca04afe58ed11c7 < 39fdac6be02eb7c3460518c1c4085f75f935c4ce [affected]
  • eb289a5f6cc668853f9b2ea6aca04afe58ed11c7 < 827062952ed9bdf4220466c1f05ce452d04bdedf [affected]
  • eb289a5f6cc668853f9b2ea6aca04afe58ed11c7 < 155a372a1cc50fa93387c5d3cdfd614a61e1afd1 [affected]
Linux Linux
  • 6.18 [affected]
  • < 6.18 [unaffected]
  • 6.18.33 ≤ 6.18.* [unaffected]
  • 7.0.10 ≤ 7.0.* [unaffected]
  • 7.1 ≤ * [unaffected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end
Configuration 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.18 < 6.18.33
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.18 < 7.0.10
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* >= 6.18 < 7.1

REMEDIATION


EXPLOITS

Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id description severity
No entry