What is GHSA-vggp-xwf8-34q8?

GHSA-vggp-xwf8-34q8 is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of...

Which CVE IDs does GHSA-vggp-xwf8-34q8 cover?

GHSA-vggp-xwf8-34q8 covers the following CVE IDs: CVE-2026-43105. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-vggp-xwf8-34q8?

GHSA-vggp-xwf8-34q8 has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-vggp-xwf8-34q8MediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of...

Vendor

GitHub Security Advisories

Published

May 6, 2026

Last Modified

June 1, 2026

🔗 CVE IDs covered (1)

CVE-2026-43105 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vc4: Fix memory leak of BO array in hang state

The hang state's BO array is allocated separately with kzalloc() in vc4_save_hang_state() but never freed in vc4_free_hang_state(). Add the missing kfree() for the BO array before freeing the hang state struct.

🔗 References (10)

https://nvd.nist.gov/vuln/detail/CVE-2026-43105
https://git.kernel.org/stable/c/0d3c014a84396a147705f523a8fd6fc873e76502
https://git.kernel.org/stable/c/421cea4f71f7cf65abaae878562ee4aa2b684628
https://git.kernel.org/stable/c/a812008fe3a0aebb778d277b35717f64e23d0302
https://git.kernel.org/stable/c/b8138567c4a80fd76a647849ebd4284996cf4b17
https://git.kernel.org/stable/c/f4dfd6847b3e5d24e336bca6057485116d17aea4
https://git.kernel.org/stable/c/686bb2fce082f043db50db02b5de5c64ca4dc4c4
https://git.kernel.org/stable/c/7235fc096ece53211bd2c0e958c65f9b802aeb98
https://git.kernel.org/stable/c/9c092941fc1d00933bcb46ecac1cb930db3abf5d
https://github.com/advisories/GHSA-vggp-xwf8-34q8