CVE-2026-23305

Published: Mar 25, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocket_probe When rocket_core_init() fails (as could be the case with EPROBE_DEFER), we need to properly unwind by decrementing the counter we just incremented and if this is the first core we failed to probe, remove the rocket DRM device with rocket_device_fini() as well. This matches the logic in rocket_remove(). Failing to properly unwind results in out-of-bounds accesses.

Vendor	Product	Versions
Linux	Linux	affected `0810d5ad88a18f1e6d549853a388ad0316f74e36 - < 7fc4b49474c836cee7d9801abf05e0198fcbfa74` affected `0810d5ad88a18f1e6d549853a388ad0316f74e36 - < eeaf28c8f4defe371a008a5ddefaf18abf534f81` affected `0810d5ad88a18f1e6d549853a388ad0316f74e36 - < 34f4495a7f72895776b81969639f527c99eb12b9`
Linux	Linux	affected `6.18` unaffected `0 - < 6.18` unaffected `6.18.17 - <= 6.18.` unaffected `6.19.7 - <= 6.19.` unaffected `7.0 - <= *`

References

https://git.kernel.org/stable/c/7fc4b49474c836cee7d9801abf05e0198fcbfa74

https://git.kernel.org/stable/c/eeaf28c8f4defe371a008a5ddefaf18abf534f81

https://git.kernel.org/stable/c/34f4495a7f72895776b81969639f527c99eb12b9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-23305

Description

Affected Products

References