CVE-2026-43269
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback
After several commits, the slab memory increases. Some drm_crtc_commit objects are not freed. The atomic_destroy_state callback only put the framebuffer. Use the __drm_atomic_helper_plane_destroy_state() function to put all the objects that are no longer needed.
It has been seen after hours of usage of a graphics application or using kmemleak:
unreferenced object 0xc63a6580 (size 64): comm "egt_basic", pid 171, jiffies 4294940784 hex dump (first 32 bytes): 40 50 34 c5 01 00 00 00 ff ff ff ff 8c 65 3a c6 @P4……….e:. 8c 65 3a c6 ff ff ff ff 98 65 3a c6 98 65 3a c6 .e:……e:..e:. backtrace (crc c25aa925): kmemleak_alloc+0x34/0x3c __kmalloc_cache_noprof+0x150/0x1a4 drm_atomic_helper_setup_commit+0x1e8/0x7bc drm_atomic_helper_commit+0x3c/0x15c drm_atomic_commit+0xc0/0xf4 drm_atomic_helper_set_config+0x84/0xb8 drm_mode_setcrtc+0x32c/0x810 drm_ioctl+0x20c/0x488 sys_ioctl+0x14c/0xc20 ret_fast_syscall+0x0/0x54
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 6d4e91ab97fda64e8cf9c8881cc3b4da026bd849 | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 5718d98976ad6b9700e5a6afec67fc47a8a92580 | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 57fa3487acfa3467405f8506b94682abd96e7393 | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < ec40702029b08ee8d5f5b03303d64a10e74a957b | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 25e832a7830740e72103eb0b527680a4b64bbcb3 | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 082271e364a3205598c2e4e6233a9f49ce7941cf | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < 3e64e78f4a70e3f6ac8fe5a7071f08ffd25a2489 | affected |
| Linux | Linux | 2389fc1305fc1e2cf8b310a75463fefd3058bf48 < f12352471061df83a36edf54bbb16284793284e4 | affected |
| Linux | Linux | 4.1 | affected |
| Linux | Linux | 0 < 4.1 | unaffected |
| Linux | Linux | 5.10.252 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.202 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.165 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.128 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.75 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.16 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.6 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/6d4e91ab97fda64e8cf9c8881cc3b4da026bd849
- https://git.kernel.org/stable/c/5718d98976ad6b9700e5a6afec67fc47a8a92580
- https://git.kernel.org/stable/c/57fa3487acfa3467405f8506b94682abd96e7393
- https://git.kernel.org/stable/c/ec40702029b08ee8d5f5b03303d64a10e74a957b
- https://git.kernel.org/stable/c/25e832a7830740e72103eb0b527680a4b64bbcb3
- https://git.kernel.org/stable/c/082271e364a3205598c2e4e6233a9f49ce7941cf
- https://git.kernel.org/stable/c/3e64e78f4a70e3f6ac8fe5a7071f08ffd25a2489
- https://git.kernel.org/stable/c/f12352471061df83a36edf54bbb16284793284e4
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.