CVE Catalog

CVE-2026-45980

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to job scheduling in hardware context during resource release. This can lead to use-after-free errors and system crashes.

Risk Assessment

Exploitation of this vulnerability may result in system instability and potential data loss. Organizations should be aware of the risks associated with improperly managed hardware resources.

Recommendation

It is recommended to update the Linux kernel to the latest version to patch this vulnerability. Additionally, monitoring job scheduling in hardware context is advised to avoid performance issues.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2_release_resource() Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS