In the Linux kernel, the following vulnerability has been resolved:
drm/atmel-hlcdc: fix memory leak from the atomicdestroystate callback
After several commits, the slab memory increases. Some drmcrtccommit objects are not freed. The atomicdestroystate callback only put the framebuffer. Use the _drmatomichelperplanedestroystate() function to put all the objects that are no longer needed.
It has been seen after hours of usage of a graphics application or using kmemleak:
unreferenced object 0xc63a6580 (size 64): comm "egtbasic", pid 171, jiffies 4294940784 hex dump (first 32 bytes): 40 50 34 c5 01 00 00 00 ff ff ff ff 8c 65 3a c6 @P4..........e:. 8c 65 3a c6 ff ff ff ff 98 65 3a c6 98 65 3a c6 .e:......e:..e:. backtrace (crc c25aa925): kmemleakalloc+0x34/0x3c _kmalloccachenoprof+0x150/0x1a4 drmatomichelpersetupcommit+0x1e8/0x7bc drmatomichelpercommit+0x3c/0x15c drmatomiccommit+0xc0/0xf4 drmatomichelpersetconfig+0x84/0xb8 drmmodesetcrtc+0x32c/0x810 drmioctl+0x20c/0x488 sysioctl+0x14c/0xc20 retfastsyscall+0x0/0x54
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43269.json"
}