CVE-2026-23039

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/gud: fix NULL fb and crtc dereferences on USB disconnect

On disconnect drm_atomic_helper_disable_all() is called which sets both the fb and crtc for a plane to NULL before invoking a commit.

This causes a kernel oops on every display disconnect.

Add guards for those dereferences.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux73cfd166e045769a1b42d36897accaa6e06b8102 < a255ec07f91d4c73a361a28b7a3d82f5710245f1affected
LinuxLinux73cfd166e045769a1b42d36897accaa6e06b8102 < dc2d5ddb193e363187bae2ad358245642d2721fbaffected
LinuxLinux6.18affected
LinuxLinux0 < 6.18unaffected
LinuxLinux6.18.7 <= 6.18.*unaffected
LinuxLinux6.19 <= *unaffected

Weaknesses

References