Use-After-Free Vulnerability in AMDGPU Display Driver of Linux Kernel
CVE-2026-31488

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31488?

A use-after-free vulnerability in the AMD GPU Display Driver for the Linux Kernel occurs when changes to Display Stream Compression (DSC) configurations are mismanaged. It arises during complex scenarios like simultaneous mode changes and external display connections, leading to the incorrect dropping of the mode_changed flag for the integrated panel. This fault can result in memory leaks and, ultimately, exploit opportunities. Proper synchronization in the management of CRTC states would prevent this issue, ensuring better stability and security.

Affected Version(s)

Linux 17ce8a6907f77b7ac97ddaa071d8a1f6e06ce85b < 10862e344b4d6434642a48c87d765813fc0b0ba7

Linux 17ce8a6907f77b7ac97ddaa071d8a1f6e06ce85b < 8a5edc97fd9c6415ff2eff872748439a97e3c3d8

Linux 17ce8a6907f77b7ac97ddaa071d8a1f6e06ce85b < 111208b5b7ebcdadb3f922cc52d8425f0fa91b33

References

https://git.kernel.org/stable/c/10862e344b4d6434642a48c87...

https://git.kernel.org/stable/c/8a5edc97fd9c6415ff2eff872...

https://git.kernel.org/stable/c/111208b5b7ebcdadb3f922cc5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31488 Data

JSON