PatchSiren

CVE-2026-46201 Linux CVE debrief

A resource leak vulnerability in the Linux kernel's Xe graphics driver (drm/xe) could allow memory exhaustion or system instability. The flaw occurs in xe_gem_prime_import() where a DMA-BUF attachment is not properly detached when xe_dma_buf_init_obj() fails, leading to a reference count leak. The vulnerability affects kernel versions receiving stable backports. Patches are available from the Linux kernel stable tree.

Vendor: Linux
Product: Unknown
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-30
Advisory published: 2026-05-28
Advisory updated: 2026-05-30

Who should care

Organizations running Linux systems with Intel Xe graphics hardware, particularly those using DMA-BUF sharing for compositing, virtualization, or GPU compute workloads. Cloud providers and multi-tenant environments with GPU passthrough or mediated device configurations should prioritize patching due to resource leak accumulation risk.

Technical summary

The Xe graphics driver in the Linux kernel contains a resource leak in the xe_gem_prime_import() function, which handles importing external DMA-BUF objects. When the subsequent xe_dma_buf_init_obj() call fails, the code path returns an error without detaching the DMA-BUF attachment created by dma_buf_dynamic_attach(). This leaves the attachment referenced, causing a resource leak that could lead to memory exhaustion over time. The fix explicitly adds dma_buf_detach() before the error return, with careful handling to avoid a double-free since xe_dma_buf_init_obj() already frees the buffer object on failure. The vulnerability affects the drm/xe subsystem and requires local access to trigger the import path.
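
The error path described above, as an added user-space model (not the kernel's code and not part of the original advisory). The model_* and import_* names are hypothetical stand-ins for the attach, init and detach steps; the counters make the leaked attachment and the single free of the buffer object visible.

```c
#include <stdio.h>
#include <stdlib.h>

/* User-space model only: every name here is a hypothetical stand-in. */
struct model_dmabuf { int attachments; };   /* attachments currently held */
struct model_bo { int imported; };
static int bo_frees;                        /* how many times a bo was freed */

static void model_bo_free(struct model_bo *bo) { free(bo); bo_frees++; }
static void model_attach(struct model_dmabuf *d) { d->attachments++; }
static void model_detach(struct model_dmabuf *d) { d->attachments--; }

/* Mirrors the behaviour the advisory describes: on failure, init frees the bo. */
static struct model_bo *model_init_obj(struct model_bo *bo, int fail)
{
    if (fail) { model_bo_free(bo); return NULL; }
    bo->imported = 1;
    return bo;
}

/* Pre-fix shape: the init failure path returns while still attached. */
static struct model_bo *import_leaky(struct model_dmabuf *d, int fail)
{
    struct model_bo *bo = calloc(1, sizeof(*bo));
    if (!bo) return NULL;
    model_attach(d);
    return model_init_obj(bo, fail);        /* NULL here leaves d attached */
}

/* Fixed shape: detach on init failure, and do not free bo a second time. */
static struct model_bo *import_fixed(struct model_dmabuf *d, int fail)
{
    struct model_bo *bo = calloc(1, sizeof(*bo));
    if (!bo) return NULL;
    model_attach(d);
    struct model_bo *obj = model_init_obj(bo, fail);
    if (!obj)
        model_detach(d);                    /* bo already freed by init */
    return obj;
}

/* Attachments left behind after n failed imports through either path. */
static int leaked_after(struct model_bo *(*imp)(struct model_dmabuf *, int), int n)
{
    struct model_dmabuf d = {0};
    for (int i = 0; i < n; i++)
        imp(&d, 1);
    return d.attachments;
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n",
           leaked_after(import_leaky, 1000), leaked_after(import_fixed, 1000));
    return 0;
}
```

Routing the init failure through a shared cleanup label that also frees the buffer object would raise the free count to two per failed import, which is the double-free the fix avoids.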

Defensive priority

medium

Recommended defensive actions

  • Apply the relevant stable kernel patch for your kernel version: 6.12.x (commit 0afa8b1ef582), 6.14.x (commit 111ab678471b), 6.15.x (commit d394669e1949), or mainline (commit eea1e10f8d99)
  • Monitor kernel logs for memory pressure or DMA-BUF related errors on systems using Intel Xe graphics
  • Review systems running workloads that import external DMA-BUFs into the Xe driver, such as Wayland compositors or GPU virtualization stacks
  • Prioritize patching on multi-tenant or long-running systems where resource leaks could accumulate
  • Verify patch application via kernel version check: uname -r and comparison against patched stable releases

Evidence notes

The vulnerability description indicates a DMA-BUF attachment leak in xe_gem_prime_import() when xe_dma_buf_init_obj() fails. The fix adds dma_buf_detach() before returning the error, with an explicit note that goto out_err cannot be used because of the double-free risk. Multiple stable kernel backport commits are referenced.
