What is GHSA-g272-h9j2-8655?

GHSA-g272-h9j2-8655 is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob...

Which CVE IDs does GHSA-g272-h9j2-8655 cover?

GHSA-g272-h9j2-8655 covers the following CVE IDs: CVE-2026-43287. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-g272-h9j2-8655?

GHSA-g272-h9j2-8655 has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-g272-h9j2-8655MediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob...

Vendor

GitHub Security Advisories

Published

May 8, 2026

Last Modified

May 15, 2026

🔗 CVE IDs covered (1)

CVE-2026-43287 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

drm: Account property blob allocations to memcg

DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory.

Currently, the blob data allocation is not accounted to the allocating process's memory cgroup, allowing unprivileged users to trigger unbounded kernel memory consumption and potentially cause system-wide OOM.

Mark the property blob data allocation with GFP_KERNEL_ACCOUNT so that the memory is properly charged to the caller's memcg. This ensures existing cgroup memory limits apply and prevents uncontrolled kernel memory growth without introducing additional policy or per-file limits.

🔗 CVE IDs covered (1)

📋 Description

🔗 References (10)