CVE-2026-53347
UnknownSummary
In the Linux kernel, a vulnerability was found in the virtio-gpu driver. When the driver is built with KMS (Kernel Mode Setting) disabled, it does not initialize DRM atomic and modesetting structures. This leads to accessing uninitialized data during driver removal or unbinding, causing a kernel crash.
Risk Assessment
The risk involves the possibility of intentionally triggering a kernel panic by detaching the virtio-gpu driver on a system with KMS disabled, which can lead to service disruption and potential data loss.
Recommendation
It is recommended to immediately update the Linux kernel to a version containing the fix (commit 5a8f7e2b4c1d). If an update is not possible, avoid detaching the virtio-gpu driver in configurations with KMS disabled.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel. Fix it by skipping shutting down atomic core with unavailable KMS.

