Main Vulnerability Database SB2026032596

SB2026032596 - Improper Resource Shutdown or Release in Linux kernel drm xe driver

Published: March 25, 2026

Security Bulletin ID SB2026032596

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Resource Shutdown or Release (CVE-ID: CVE-2026-23350)

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper resource shutdown or release in the drm/xe/queue component when initializing an execution queue. A local user can trigger a failure during queue creation, leading to improper finalization and resource deallocation, which results in a denial of service.

Failure to properly finalize the execution queue on initialization failure leads to invalid memory references due to incomplete cleanup of the GuC list and retained damaged queue entries.

Remediation

Install update from vendor's website.

SB2026032596 - Improper Resource Shutdown or Release in Linux kernel drm xe driver

Breakdown by Severity

Description

Remediation

References

Please verify you're human