Linux Kernel Vulnerability in DRM/XE Driver by The Linux Foundation
CVE-2026-46264

8.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 3 June 2026

What is CVE-2026-46264?

A flaw in the DRM/XE driver's sysfs initialization process can lead to uninitialized kobject errors when the cleanup action is invoked due to devm_add_action_or_reset() failure. This situation can result in warnings related to uninitialized kobjects and refcount underflows, which could compromise system stability. The issue has been addressed by modifying the initialization sequence to ensure proper kobject setup before cleanup registrations are invoked.

Affected Version(s)

Linux 5c170a4d9c530e872f2f788d95258fbaa39b4415 < 6ae479b1919ee9bd0560fc7af649932dd420d010

Linux 5c170a4d9c530e872f2f788d95258fbaa39b4415

Linux 6.19

References

https://git.kernel.org/stable/c/6ae479b1919ee9bd0560fc7af...

https://git.kernel.org/stable/c/bf7172cd25ed182f30af2cbb9...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46264 Data

JSON