CVE-2026-43399

EUVD-2026-28705
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl

Drop reference to syncobj and timeline fence when aborting the ioctl due
output array being too small.

(cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd27)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.16 ≤
𝑥
< 6.18.19
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.9
linuxlinux_kernel
7.0:rc1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.94-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/49abfa812617a7f2d0132c70d23ac98b389c6ec1
https://git.kernel.org/stable/c/5409247d41f372bec5b141ef599f2d9f5e81b746
https://git.kernel.org/stable/c/762f47e2b824383d5be65eee2c40a1269b7d50c8