CVE-2026-23227
Severity
7.8HIGH
EPSS
0.0%
top 99.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 18
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
Exynos Virtual Display driver performs memory alloc/free operations
without lock protection, which easily causes concurrency problem.
For example, use-after-free can occur in race scenario like this:
```
CPU0 CPU1 CPU2
---- ---- ----
vidi_connection_ioctl()
if (vidi->connection) // true
drm_edid = drm_edid_alloc(); // …
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5linux/linuxd3b62dbfc7b9bb013926f56db79b60f6c18c392f — 92dd1f38d7db75374dcdaf54f1d79d67bffd54e5+6
Patches
🔴Vulnerability Details
3CVEList▶
drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free↗2026-02-18
GHSA▶
GHSA-g3vh-wfh4-fp76: In the Linux kernel, the following vulnerability has been resolved:
drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables r↗2026-02-18
OSV▶
CVE-2026-23227: In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables re↗2026-02-18
📋Vendor Advisories
3Red Hat▶
kernel: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free↗2026-02-18
Microsoft▶
drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free↗2026-02-10
Debian▶
CVE-2026-23227: linux - In the Linux kernel, the following vulnerability has been resolved: drm/exynos:...↗2026