Memory leak in Linux kernel - CVE-2026-43269
Published: May 7, 2026
Vulnerability identifier: #VU130428
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-43269
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a memory leak in the atomic_destroy_state callback in drm/atmel-hlcdc when handling atomic display state cleanup. A local user can trigger repeated graphics operations to cause a denial of service.
The issue may be observed only after prolonged usage of a graphics application.
How to mitigate CVE-2026-43269
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/082271e364a3205598c2e4e6233a9f49ce7941cf
- https://git.kernel.org/stable/c/25e832a7830740e72103eb0b527680a4b64bbcb3
- https://git.kernel.org/stable/c/3e64e78f4a70e3f6ac8fe5a7071f08ffd25a2489
- https://git.kernel.org/stable/c/5718d98976ad6b9700e5a6afec67fc47a8a92580
- https://git.kernel.org/stable/c/57fa3487acfa3467405f8506b94682abd96e7393
- https://git.kernel.org/stable/c/6d4e91ab97fda64e8cf9c8881cc3b4da026bd849
- https://git.kernel.org/stable/c/ec40702029b08ee8d5f5b03303d64a10e74a957b
- https://git.kernel.org/stable/c/f12352471061df83a36edf54bbb16284793284e4