HIGHCVE-2026-45980Published Modified CNA Linux
CVE-2026-45980: accel/amdxdna: Stop job scheduling across aie2_release_resource()
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
06.156.18.146.19.4688c3ff079b10e4600f040944430d3d4ff448a157.0b79d31dce49b50c79620389b3639280802a86960f1370241fe8045702bc9d0812b996791f0500f1b
Affected packages
- Linux / Linux< b79d31dce49b50c79620389b3639280802a86960 (from 4fd6ca90fc7f509977585d39885f21b2911123f3) · < 688c3ff079b10e4600f040944430d3d4ff448a15 (from 4fd6ca90fc7f509977585d39885f21b2911123f3) · < f1370241fe8045702bc9d0812b996791f0500f1b (from 4fd6ca90fc7f509977585d39885f21b2911123f3) · 36f781a3f0deac92f169416997a17e73538cf470 · < 6.15 (from 6.14.9)
- Linux / Linux6.15Fixed in 0, 6.18.14, 6.19.4, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H