CVE-2026-43104

EUVD-2026-27618
In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: Fix a memory leak in hang state error path

When vc4_save_hang_state() encounters an early return condition, it
returns without freeing the previously allocated `kernel_state`,
leaking memory.

Add the missing kfree() calls by consolidating the early return paths
into a single place.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.19.14-1
fixed
sid
7.0.3-1
fixed
trixie
vulnerable
trixie (security)
6.12.85-1
fixed
References
https://git.kernel.org/stable/c/3eb7dd55021d0f4308fbea0bea21d2118984d8e7
https://git.kernel.org/stable/c/9525d169e5fd481538cf8c663cc5839e54f2e481
https://git.kernel.org/stable/c/d8fdd6adc07b78ad3e9ee0004876d90cb59ca941
https://git.kernel.org/stable/c/dd5c49787a32da96a2b154427eb17cbf12a83c28
https://git.kernel.org/stable/c/e352e9adc9f6df54d63150ff832f71c04e30744b