CVE-2026-53141
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
In the Linux kernel DRM driver for V3D, a reference counting issue was found in the global performance monitor. Functions SET_GLOBAL, CLEAR_GLOBAL, and perfmon deletion fail to release references properly, causing memory leaks.
Risk Assessment
Reference leaks can lead to kernel memory exhaustion, potentially causing system instability or denial of service (DoS) under prolonged operation or repeated exploitation of vulnerable operations.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit drm/v3d: Fix global performance monitor reference counting).
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference count on the perfmon it returns, but v3d_perfmon_set_global_ioctl() and v3d_perfmon_delete() fail to release that reference on several paths: 1. v3d_perfmon_set_global_ioctl() leaks the reference on its error paths. 2. CLEAR_GLOBAL leaks both the find reference and the reference previously stashed in v3d->global_perfmon by the SET_GLOBAL ioctl that configured it. 3. Destroying a perfmon that is the current global perfmon leaks the reference stashed by the SET_GLOBAL ioctl. Release each of these references explicitly.

