CVE-2026-45980
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel related to job scheduling in hardware context during resource release. This can lead to use-after-free errors and system crashes.
Risk Assessment
Exploitation of this vulnerability may result in system instability and potential data loss. Organizations should be aware of the risks associated with improperly managed hardware resources.
Recommendation
It is recommended to update the Linux kernel to the latest version to patch this vulnerability. Additionally, monitoring job scheduling in hardware context is advised to avoid performance issues.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

