CVE-2026-23350

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s drm/xe/queue functionality where a missing finalization call during queue initialization can lead to invalid memory references. Specifically, if queue initialization fails, the corresponding finalization (fini) is not called, resulting in a damaged queue remaining in the exec queue lookup list. This issue stems from a failure to remove the queue from the GuC list, impacting guc id allocation. The fix involves ensuring a fini call to free the guc id before internal LRCs are freed, reusing the xe exec queue fini() function and modifying xe lrc put() to handle NULL parameters.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.