Memory Leak Vulnerability in Linux Kernel Graphics Driver
CVE-2026-43269

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-43269?

A memory leak vulnerability has been identified in the Linux kernel graphics driver related to the atomic_destroy_state callback functionality. During prolonged use of certain graphics applications, unreferenced drm_crtc_commit objects remain allocated, leading to increased slab memory consumption. This occurs due to the atomic_destroy_state callback only freeing the framebuffer without releasing all associated objects. The issue has been resolved by implementing the __drm_atomic_helper_plane_destroy_state() function to ensure adequate cleanup of all unneeded objects.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 6d4e91ab97fda64e8cf9c8881cc3b4da026bd849

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5718d98976ad6b9700e5a6afec67fc47a8a92580

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 57fa3487acfa3467405f8506b94682abd96e7393

References

https://git.kernel.org/stable/c/6d4e91ab97fda64e8cf9c8881...

https://git.kernel.org/stable/c/5718d98976ad6b9700e5a6afe...

https://git.kernel.org/stable/c/57fa3487acfa3467405f8506b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43269 Data

JSON