CVE-2026-43269
Description
In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some drm_crtc_commit objects are not freed. The atomic_destroy_state callback only put the framebuffer. Use the __drm_atomic_helper_plane_destroy_state() function to put all the objects that are no longer needed. It has been seen after hours of usage of a graphics application or using kmemleak: unreferenced object 0xc63a6580 (size 64): comm "egt_basic", pid 171, jiffies 4294940784 hex dump (first 32 bytes): 40 50 34 c5 01 00 00 00 ff ff ff ff 8c 65 3a c6 @P4..........e:. 8c 65 3a c6 ff ff ff ff 98 65 3a c6 98 65 3a c6 .e:......e:..e:. backtrace (crc c25aa925): kmemleak_alloc+0x34/0x3c __kmalloc_cache_noprof+0x150/0x1a4 drm_atomic_helper_setup_commit+0x1e8/0x7bc drm_atomic_helper_commit+0x3c/0x15c drm_atomic_commit+0xc0/0xf4 drm_atomic_helper_set_config+0x84/0xb8 drm_mode_setcrtc+0x32c/0x810 drm_ioctl+0x20c/0x488 sys_ioctl+0x14c/0xc20 ret_fast_syscall+0x0/0x54
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | affected | | |
| debian | bookworm | fixed | 6.1.170-1 |
| debian | forky | fixed | 6.19.6-1 |
| debian | sid | fixed | 6.19.6-1 |
| debian | trixie | fixed | 6.12.85-1 |
| linux-kernel | affected | 5.10.252 | |
| debian | bullseye | fixed | 5.10.257-1 |
References
- https://git.kernel.org/stable/c/082271e364a3205598c2e4e6233a9f49ce7941cf
- https://git.kernel.org/stable/c/25e832a7830740e72103eb0b527680a4b64bbcb3
- https://git.kernel.org/stable/c/3e64e78f4a70e3f6ac8fe5a7071f08ffd25a2489
- https://git.kernel.org/stable/c/5718d98976ad6b9700e5a6afec67fc47a8a92580
- https://git.kernel.org/stable/c/57fa3487acfa3467405f8506b94682abd96e7393
- https://git.kernel.org/stable/c/6d4e91ab97fda64e8cf9c8881cc3b4da026bd849
- https://git.kernel.org/stable/c/ec40702029b08ee8d5f5b03303d64a10e74a957b
- https://git.kernel.org/stable/c/f12352471061df83a36edf54bbb16284793284e4
- https://www.suse.com/security/cve/CVE-2026-43269.html
- https://security-tracker.debian.org/tracker/CVE-2026-43269
CWEs
CWE-401
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.