CVE-2026-45980

high

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

References

https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b

https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960

https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-05-30

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00017