CVE-2026-53290

Source
https://cve.org/CVERecord?id=CVE-2026-53290
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53290.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53290
Downstream
Published
2026-06-26T19:40:50.073Z
Modified
2026-07-08T08:13:43.804577796Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
drm/xe/eustall: Fix drm_dev_put called before stream disable in close
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/eustall: Fix drmdevput called before stream disable in close

In xeeustallstreamclose(), drmdevput() is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures could be freed while the subsequent cleanup code still accesses them, leading to a use-after-free.

Fix this by moving drmdevput() after all device accesses are complete. This matches the ordering in xeoarelease().

(cherry picked from commit 35aff528f7297e949e5e19c9cd7fd748cf1cf21c)

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53290.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9a0b11d4cf3b4324378c322b7043962e648681ed
Fixed
bebce43f34b5feb8a760aa832eba81e0f8a38871
Fixed
84f2bfbe6e38f8b9815ca00826e53b7f51420402
Fixed
dc2d9842c67d883d3200ae33b9c3859dd9492408

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53290.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.15.0
Fixed
6.18.33
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53290.json"