{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23430", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.016Z", "datePublished": "2026-04-03T15:15:16.687Z", "dateUpdated": "2026-04-03T15:15:16.687Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-03T15:15:16.687Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Don't overwrite KMS surface dirty tracker\n\nWe were overwriting the surface's dirty tracker here causing a memory leak."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"], "versions": [{"version": "965544150d1cadf0e8f5bb6c13c19697e46e1429", "lessThan": "3f300a41a3668095688aa4551214e8080829fa93", "status": "affected", "versionType": "git"}, {"version": "965544150d1cadf0e8f5bb6c13c19697e46e1429", "lessThan": "354c8bbf8d1e4aa61e580dbe160591feda504e4f", "status": "affected", "versionType": "git"}, {"version": "965544150d1cadf0e8f5bb6c13c19697e46e1429", "lessThan": "c6cb77c474a32265e21c4871c7992468bf5e7638", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/vmwgfx/vmwgfx_kms.c"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "7.0-rc5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3f300a41a3668095688aa4551214e8080829fa93"}, {"url": "https://git.kernel.org/stable/c/354c8bbf8d1e4aa61e580dbe160591feda504e4f"}, {"url": "https://git.kernel.org/stable/c/c6cb77c474a32265e21c4871c7992468bf5e7638"}], "title": "drm/vmwgfx: Don't overwrite KMS surface dirty tracker", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Don't overwrite KMS surface dirty tracker\n\nWe were overwriting the surface's dirty tracker here causing a memory leak."}], "id": "CVE-2026-23430", "lastModified": "2026-04-03T16:16:24.357", "metrics": {}, "published": "2026-04-03T16:16:24.357", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/354c8bbf8d1e4aa61e580dbe160591feda504e4f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3f300a41a3668095688aa4551214e8080829fa93"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c6cb77c474a32265e21c4871c7992468bf5e7638"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: drm/vmwgfx: Don't overwrite KMS surface dirty tracker", "id": "2454815", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454815"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-911", "details": ["A flaw was found in the Linux kernel, specifically within the `drm/vmwgfx` component. This vulnerability occurs when the kernel incorrectly overwrites the Kernel Mode Setting (KMS) surface dirty tracker. This error leads to a memory leak, which can degrade system performance and potentially cause system instability over an extended period."], "name": "CVE-2026-23430", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23430\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23430\nhttps://lore.kernel.org/linux-cve-announce/2026040310-CVE-2026-23430-8d4a@gregkh/T"], "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[965544150d1cadf0e8f5bb6c13c19697e46e1429,3f300a41a3668095688aa4551214e8080829fa93)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[965544150d1cadf0e8f5bb6c13c19697e46e1429,354c8bbf8d1e4aa61e580dbe160591feda504e4f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[965544150d1cadf0e8f5bb6c13c19697e46e1429,c6cb77c474a32265e21c4871c7992468bf5e7638)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.16"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.16)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.20,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.10,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0-rc5,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-03T18:57:53.179175+00:00", "value": {"mitigation_remediation": ["Update the Linux kernel to a version that includes the vmwgfx patch from the vendor repository.", "Reboot the system after applying the patch to clear any stale allocations.", "Monitor memory usage and system logs to verify that the leak no longer occurs."], "summary": {"action": "Apply Patch", "impact": "Denial of Service via memory exhaustion"}, "threat_synthesis": {"affected_systems": "Affected systems include any Linux kernel that incorporates the vmwgfx DRM module and has not yet received the upstream fix. The vulnerability applies broadly across distributions that ship the default kernel build with the vmwgfx driver, regardless of specific release version, until a patched kernel is installed.", "description_and_impact": "The Linux kernel\u2019s drm/vmwgfx driver contains a flaw that overwrites a KMS surface dirty tracker each time a surface is refreshed, discarding otherwise freed memory and causing a memory leak. This gradual exhaustion of system RAM can lead to instability or crashes, effectively denying service. Based on the description, the likely attack vector is a local process that can invoke vmwgfx operations, such as a privileged user or graphics application.", "risk_and_exploitability": "Formal CVSS or EPSS metrics are not available, so a precise numerical risk assessment cannot be provided. The weakness requires local access to the graphics driver, suggesting that privilege escalation or local persistence may be necessary for exploitation. Once the memory threshold is surpassed, the impact is a denial of service through RAM exhaustion. The vulnerability is not listed in the CISA KEV catalog and does not provide privilege escalation or remote code execution. Therefore, the exploitation risk is considered moderate, with a clear path to denial of service under favorable conditions."}}}}, "created": "2026-04-03T21:14:07.870766+00:00", "updated": "2026-04-03T21:16:21.550825+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-401"]}