Linux Kernel Vulnerability in Virtio-GPU Driver with Disabled KMS
CVE-2026-53347
What is CVE-2026-53347?
A significant vulnerability exists in the Linux kernel's virtio-gpu driver, specifically when built with disabled Kernel Mode Setting (KMS). This flaw can lead to scenarios where Digital Rights Management (DRM) atomic and mode-setting functionalities are not properly initialized. Consequently, this may result in access to uninitialized data upon driver removal or unbinding, causing kernel crashes. The issue has been addressed by modifying the shutdown process of the atomic core to prevent execution when KMS is unavailable, enhancing system stability.
Affected Version(s)
Linux 72122c69d71784e390527819754ea456421c4501
Linux 72122c69d71784e390527819754ea456421c4501 < 38a5f891cda6d121c149c94cda89c31ec7024ee3
Linux 72122c69d71784e390527819754ea456421c4501 < 19a6a00ff50c284f3a9818882ad2be58b33b790a