CVE-2026-43105

Source
https://cve.org/CVERecord?id=CVE-2026-43105
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43105.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-43105
Downstream
Related
Published
2026-05-06T07:40:33.706Z
Modified
2026-07-15T01:48:50.071313281Z
Summary
drm/vc4: Fix memory leak of BO array in hang state
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: Fix memory leak of BO array in hang state

The hang state's BO array is allocated separately with kzalloc() in vc4savehangstate() but never freed in vc4freehangstate(). Add the missing kfree() for the BO array before freeing the hang state struct.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43105.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
214613656b5179f0daab6e0a080814b5100d45f0
Fixed
7235fc096ece53211bd2c0e958c65f9b802aeb98
Fixed
686bb2fce082f043db50db02b5de5c64ca4dc4c4
Fixed
9c092941fc1d00933bcb46ecac1cb930db3abf5d
Fixed
a812008fe3a0aebb778d277b35717f64e23d0302
Fixed
0d3c014a84396a147705f523a8fd6fc873e76502
Fixed
421cea4f71f7cf65abaae878562ee4aa2b684628
Fixed
b8138567c4a80fd76a647849ebd4284996cf4b17
Fixed
f4dfd6847b3e5d24e336bca6057485116d17aea4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43105.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.5.0
Fixed
5.10.258
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.136
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.83
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.24
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.14

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43105.json"