CVE-2026-43498

EUVD-2026-31272
In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Disallow re-exporting imported GEM objects

Prevent re-exporting of imported GEM buffers by adding a custom
prime_handle_to_fd callback that checks if the object is imported
and returns -EOPNOTSUPP if so.

Re-exporting imported GEM buffers causes loss of buffer flags settings,
leading to incorrect device access and data corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.172-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.251-5
fixed
forky
7.0.7-1
fixed
sid
7.0.7-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.88-1
fixed
References
https://git.kernel.org/stable/c/3756043dd695bba34cc728cdc5688dcb49ac8043
https://git.kernel.org/stable/c/7dd57d7a6350770dfc283287125c409e995200e0