Skip to main content

Linux Kernel EUVDEUVD-2026-32374

| CVE-2026-45908 MEDIUM
Memory Leak (CWE-401)
2026-05-27 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-6432-66v6-m255
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
5.5 MEDIUM

Local access with low privileges required to reach the XDnA device; no confidentiality or integrity impact, only kernel memory exhaustion affecting availability.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
3.3 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 24, 2026 - 16:41 vuln.today
CVSS changed
Jun 24, 2026 - 16:37 NVD
5.5 (MEDIUM)
Patch available
May 27, 2026 - 19:46 EUVD
CVE Published
May 27, 2026 - 14:17 nvd
MEDIUM 5.5
CVE Published
May 27, 2026 - 14:17 nvd
UNKNOWN (no severity yet)

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Fix memory leak in amdxdna_ubuf_map

The amdxdna_ubuf_map() function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations (sg_alloc_table_from_pages or dma_map_sgtable) fail.

AnalysisAI

Memory leak in the Linux kernel's AMD XDnA accelerator driver (accel/amdxdna) allows a local low-privileged user to degrade system availability by exhausting kernel memory. The amdxdna_ubuf_map() function fails to release previously allocated scatter-gather (sg) and internal sg table memory when error paths are taken during sg_alloc_table_from_pages or dma_map_sgtable operations. No active exploitation is confirmed (absent from CISA KEV), EPSS stands at 0.02% (4th percentile), and impact is strictly limited to availability - no confidentiality or integrity exposure exists.

Technical ContextAI

The amdxdna driver implements support for AMD XDnA AI accelerator hardware within the Linux kernel's DRM acceleration framework. The vulnerable function amdxdna_ubuf_map() maps user-space buffers into DMA-accessible scatter-gather (sg) table structures required for data transfers to the accelerator. CWE-401 (Missing Release of Memory after Effective Lifetime) is the root cause: allocated heap memory for the sg structure and the internal sg table is not freed on two specific error branches - when sg_alloc_table_from_pages() fails or when dma_map_sgtable() fails - before the function returns an error code to the caller. CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* confirms the affected product scope. The vulnerability was introduced with the initial amdxdna driver commit (bd72d4acda1069579b35123e3cc0b21ec1193a21) and persists across all kernel versions until the three stable-branch fix commits landed in 6.18.14, 6.19.4, and 7.0.

RemediationAI

Upgrade the Linux kernel to a patched stable version: 6.18.14, 6.19.4, or 7.0. The corresponding upstream fix commits are available at https://git.kernel.org/stable/c/5a68d2c99c859e6e8e36fa4e32749abf6d1fb66a (6.19.x branch), https://git.kernel.org/stable/c/84dd57fb0359500092f1101409ca32091731490d (6.18.x branch), and https://git.kernel.org/stable/c/f9f4366d2ff93b07c2571561c776bd9a708078c3 (mainline/7.0 branch). On systems where AMD XDnA accelerator functionality is not required, blacklisting the amdxdna module eliminates the attack surface entirely with no impact on non-accelerator workloads: add 'blacklist amdxdna' to /etc/modprobe.d/blacklist.conf and run 'modprobe -r amdxdna' to unload immediately. Distribution-specific kernel updates from upstream vendors (RHEL, Ubuntu, SUSE, etc.) incorporating these stable patches should be monitored and applied per normal patching cadence.

Vendor StatusVendor

SUSE

Severity: Low
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise Desktop 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Availability Extension 15 SP7 Not-Affected
SUSE Linux Enterprise High Performance Computing 15 SP7 Not-Affected

Share

EUVD-2026-32374 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy