VDB

CVE-2026-23305

CVE-2026-23305 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocket_probe When rocket_core_init() fails (as could be the case with EPROBE_DEFER), we need to properly unwind by decrementing the counter we just incremented and if this is the first core we failed to probe, remove the rocket DRM device with rocket_device_fini() as well. This matches the logic in rocket_remove(). Failing to properly unwind results in out-of-bounds accesses.

EPSS 0.02% · 4.7th percentile

Risk Scores

EPSS Score
0.02%
4.7th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel6.18, 6.18, 6.18
LinuxLinux0810d5ad88a18f1e6d549853a388ad0316f74e36, 0810d5ad88a18f1e6d549853a388ad0316f74e36, 0810d5ad88a18f1e6d549853a388ad0316f74e36

Timeline

  • Mar 25, 2026 EPSS Score
  • Mar 25, 2026 Coalition ESS Score
  • Mar 25, 2026 CVE Published
  • Mar 25, 2026 CVE Updated
  • Mar 29, 2026 Security Advisory
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›