CVE-2026-23350Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 97.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list (which is part of guc_id allocation). A damaged queue stored in exec_queue_lookup list would lead to invalid memory reference, sooner or later. Call fini to free guc_id. This must be done before any internal LRCs are freed. Since the finalizat

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

Linuxlinux/linux_kernel6.19.06.19.7
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux3c1fa4aa60b146d1fa73b2b87064303f8e4b7952fae65b8a4449ae556990efcde8d74bec4adc5925+2
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2026-23350: In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init shoul2026-03-25
OSV
drm/xe/queue: Call fini on exec queue creation fail2026-03-25
GHSA
GHSA-gx4p-pq85-g76x: In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init sho2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: drm/xe/queue: Call fini on exec queue creation fail2026-03-25
Debian
CVE-2026-23350: linux - In the Linux kernel, the following vulnerability has been resolved: drm/xe/queu...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23350 Impact, Exploitability, and Mitigation Steps | Wiz