Primary

Context

Linux Kernel GEM Buffer Re-Export Vulnerability in IVPU Driver

Vulnerability

Patched

A vulnerability in the Linux kernel's IVPU driver can lead to data corruption and incorrect device access by allowing the re-export of imported GEM buffers. This issue has been addressed by implementing a custom callback that prevents such re-exporting, thereby preserving buffer flag settings.

Impact

The vulnerability could cause data corruption and incorrect access to devices by mishandling buffer flags, according to the Linux kernel commit that introduced the fix.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.

Added: May 21, 2026, 1:35 PM

Updated: May 21, 2026, 1:35 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

3.5

remediation

7.7

relevance

9.0

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

3.5

remediation

7.7

relevance

9.0

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel GEM Buffer Re-Export Vulnerability in IVPU Driver

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating