CVE-2026-52904 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm_device leak on aperture removal failure When aperture_remove_conflicting_pci_devices() fails during probe, the error path returns directly without unwinding the nvkm_device that was just allocated by nvkm_device_pci_new(). This leaks both the device wrapper and the pci_enable_device() reference taken inside it. Jump to the existing fail_nvkm label so nvkm_device_del() runs and balances both. The leak was introduced when the intermediate nvkm_device_del() between detection and aperture removal was dropped in favor of creating the pci device once.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-09 | Updated 2026-06-09 | Assigner Linux

Product status

Default status

unaffected

c0bfe34330b5fafdbbc63a7124841711651b96b9 (git) before 5edd564ccb002ffc830e7818c1c4a992db774678

affected

c0bfe34330b5fafdbbc63a7124841711651b96b9 (git) before 4404d7d2dda4f3cc84a8fb6ac5417a2afc3b22d6

affected

c0bfe34330b5fafdbbc63a7124841711651b96b9 (git) before 843c0247cf21364e33bb5a8ffc9af57107d04d05

affected

c0bfe34330b5fafdbbc63a7124841711651b96b9 (git) before 6597ff1d8de3f583be169587efeafd8af134e138

affected

Default status

affected

6.12

affected

Any version before 6.12

unaffected

6.12.86 (semver)

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5edd564ccb002ffc830e7818c1c4a992db774678

git.kernel.org/...c/4404d7d2dda4f3cc84a8fb6ac5417a2afc3b22d6

git.kernel.org/...c/843c0247cf21364e33bb5a8ffc9af57107d04d05

git.kernel.org/...c/6597ff1d8de3f583be169587efeafd8af134e138

cve.org (CVE-2026-52904)

nvd.nist.gov (CVE-2026-52904)

Download JSON

help @ threatint.eu