anonhaven
Ad

CVE-2026-23350

HIGH CVSS 3.1: 7.8 EPSS 0.02%
Updated Apr 02, 2026
Linux
Parameter Value
CVSS 7.8 (HIGH)
Vendor Linux
Public PoC No

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list (which is part of guc_id allocation). A damaged queue stored in exec_queue_lookup list would lead to invalid memory reference, sooner or later.

Call fini to free guc_id. This must be done before any internal LRCs are freed. Since the finalization with this extra call became very similar to __xe_exec_queue_fini(), reuse that.

To make this reuse possible, alter xe_lrc_put() so it can survive NULL parameters, like other similar functions. v2: Reuse _xe_exec_queue_fini(). Make xe_lrc_put() aware of NULLs. (cherry picked from commit 393e5fea6f7d7054abc2c3d97a4cfe8306cd6079)

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

References 2

https://git.kernel.org/stable/c/99f9b5343cae80eb0dfe050baf6c86d722b3ba2e
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/fae65b8a4449ae556990efcde8d74bec4adc5925
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-23417

Linux

None

CVE-2026-23416

Linux

None

CVE-2026-23415

Linux

None

CVE-2026-23413

Linux

None

CVE-2026-23412

Linux

None