Memory Leak Vulnerability in Linux Kernel Affecting VC4 Graphics Driver
CVE-2026-43104

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43104?

A memory leak vulnerability exists in the Linux kernel, specifically within the VC4 graphics driver. This issue arises when the vc4_save_hang_state() function encounters an early return condition without properly releasing the previously allocated kernel_state. As a result, memory that should be freed remains allocated, leading to potential instability in the system over time. The vulnerability has been addressed by consolidating the early exit paths to ensure that memory is correctly freed, thus enhancing the overall robustness of the kernel's memory management.

Affected Version(s)

Linux 214613656b5179f0daab6e0a080814b5100d45f0

References

https://git.kernel.org/stable/c/dd5c49787a32da96a2b154427...

https://git.kernel.org/stable/c/d8fdd6adc07b78ad3e9ee0004...

https://git.kernel.org/stable/c/e352e9adc9f6df54d63150ff8...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43104 Data

JSON