Linux Kernel Vulnerability in Virtio-GPU Driver with Disabled KMS
CVE-2026-53347

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-53347?

A significant vulnerability exists in the Linux kernel's virtio-gpu driver, specifically when built with disabled Kernel Mode Setting (KMS). This flaw can lead to scenarios where Digital Rights Management (DRM) atomic and mode-setting functionalities are not properly initialized. Consequently, this may result in access to uninitialized data upon driver removal or unbinding, causing kernel crashes. The issue has been addressed by modifying the shutdown process of the atomic core to prevent execution when KMS is unavailable, enhancing system stability.

Affected Version(s)

Linux 72122c69d71784e390527819754ea456421c4501

Linux 72122c69d71784e390527819754ea456421c4501 < 38a5f891cda6d121c149c94cda89c31ec7024ee3

Linux 72122c69d71784e390527819754ea456421c4501 < 19a6a00ff50c284f3a9818882ad2be58b33b790a

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.