CVE-2026-45980 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15
https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960
https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b

History

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.
Title		accel/amdxdna: Stop job scheduling across aie2_release_resource()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15 https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960 https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:18:39.136Z

Updated: 2026-05-27T12:18:39.136Z

Reserved: 2026-05-13T15:03:33.090Z

Link: CVE-2026-45980

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:15.130

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45980

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-45980", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.090Z", "datePublished": "2026-05-27T12:18:39.136Z", "dateUpdated": "2026-05-27T12:18:39.136Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-27T12:18:39.136Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Stop job scheduling across aie2_release_resource()\n\nRunning jobs on a hardware context while it is in the process of\nreleasing resources can lead to use-after-free and crashes.\n\nFix this by stopping job scheduling before calling\naie2_release_resource() and restarting it after the release completes.\nAdditionally, aie2_sched_job_run() now checks whether the hardware\ncontext is still active."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c"], "versions": [{"version": "4fd6ca90fc7f509977585d39885f21b2911123f3", "lessThan": "b79d31dce49b50c79620389b3639280802a86960", "status": "affected", "versionType": "git"}, {"version": "4fd6ca90fc7f509977585d39885f21b2911123f3", "lessThan": "688c3ff079b10e4600f040944430d3d4ff448a15", "status": "affected", "versionType": "git"}, {"version": "4fd6ca90fc7f509977585d39885f21b2911123f3", "lessThan": "f1370241fe8045702bc9d0812b996791f0500f1b", "status": "affected", "versionType": "git"}, {"version": "36f781a3f0deac92f169416997a17e73538cf470", "status": "affected", "versionType": "git"}, {"version": "6.14.9", "lessThan": "6.15", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/aie2_ctx.c"], "versions": [{"version": "6.15", "status": "affected"}, {"version": "0", "lessThan": "6.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.14", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.4", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.18.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.19.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "7.0"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960"}, {"url": "https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15"}, {"url": "https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b"}], "title": "accel/amdxdna: Stop job scheduling across aie2_release_resource()", "x_generator": {"engine": "bippy-1.2.0"}}}}