CVE-2026-45853 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates memory for ranges using kvcalloc(), which may use vmalloc() for large allocation. Using kfree() to release vmalloc memory will lead to a memory corruption. Use kvfree() to safely handle both kmalloc and vmalloc allocations. Compile tested only. Issue found using a prototype static analysis tool and code review.

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-27 | Assigner Linux

Product status

Default status

unaffected

b194d21b9bcc15b50df1bc3ff7428e51c2918a6f (git) before 16e7e7ad8cdc6b4c4af7f31e262f1494c1b2a55e

affected

b194d21b9bcc15b50df1bc3ff7428e51c2918a6f (git) before 9ae85b0c1909b6c6bfd2636b04cdaf7f520bf2b5

affected

b194d21b9bcc15b50df1bc3ff7428e51c2918a6f (git) before f441538893eba6347b983f2904819ca6c99da65e

affected

b194d21b9bcc15b50df1bc3ff7428e51c2918a6f (git) before 0c44d61945c4a80775292d96460aa2f22e62f86c

affected

Default status

affected

6.11

affected

Any version before 6.11

unaffected

6.12.75 (semver)

unaffected

6.18.14 (semver)

unaffected

6.19.4 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/16e7e7ad8cdc6b4c4af7f31e262f1494c1b2a55e

git.kernel.org/...c/9ae85b0c1909b6c6bfd2636b04cdaf7f520bf2b5

git.kernel.org/...c/f441538893eba6347b983f2904819ca6c99da65e

git.kernel.org/...c/0c44d61945c4a80775292d96460aa2f22e62f86c

cve.org (CVE-2026-45853)

nvd.nist.gov (CVE-2026-45853)

Download JSON

help @ threatint.eu