CVE-2026-46309: Linux xe GPU Driver Memory Disclosure via Incoherent Cache Access
CVE-2026-46309 is a memory access control flaw in the Linux kernel's GPU driver (xe) that can leak sensitive data. When a privileged process uses a low-coherency GPU memory mode on CPU-cached buffers, the GPU can bypass CPU caches and read stale data directly from RAM—including sensitive information from previously freed memory of other processes. The fix validates GPU memory configuration requests to prevent this dangerous combination.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.0 HIGH · CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-401, CWE-524
- Affected products
- 2 configuration(s)
- Published / Modified
- 2026-06-08 / 2026-07-15
NVD description (verbatim)
In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise Add validation in xe_vm_madvise_ioctl() to reject PAT indices with XE_COH_NONE coherency mode when applied to CPU cached memory. Using coh_none with CPU cached buffers is a security issue. When the kernel clears pages before reallocation, the clear operation stays in CPU cache (dirty). GPU with coh_none can bypass CPU caches and read stale sensitive data directly from DRAM, potentially leaking data from previously freed pages of other processes. This aligns with the existing validation in vm_bind path (xe_vm_bind_ioctl_validate_bo). v2(Matthew brost) - Add fixes - Move one debug print to better place v3(Matthew Auld) - Should be drm/xe/uapi - More Cc v4(Shuicheng Lin) - Fix kmem leak issues by the way v5 - Remove kmem leak because it has been merged by another patch v6 - Remove the fix which is not related to current fix v7 - No change v8 - Rebase v9 - Limit the restrictions to iGPU v10 - No change (cherry picked from commit 016ccdb674b8c899940b3944952c96a6a490d10a)
6 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability exists in the xe_vm_madvise_ioctl() function of the Linux kernel's xe GPU driver. When userspace applies XE_COH_NONE (no coherency) PAT indices to CPU-cached memory regions via madvise, the GPU gains direct DRAM access that circumvents CPU cache coherence. During kernel page clearing (a security measure before reallocation), cleared pages remain dirty in CPU cache; a GPU with coh_none coherency can read these stale contents directly from DRAM, extracting sensitive data from other processes' freed allocations. The patch adds validation logic to reject this configuration on integrated GPUs, aligning with existing protections in the vm_bind path.
Business impact
Data exfiltration from freed memory across process boundaries poses a significant confidentiality risk in multi-tenant environments and systems handling sensitive data. An unprivileged local attacker with GPU access can read kernel buffers, other process memory, or cryptographic material. On shared infrastructure (cloud VMs, containerized workloads), this enables lateral privilege escalation and sensitive data theft. Remediation is straightforward and involves kernel patching with no functional impact to legitimate GPU operations.
Affected systems
Linux systems with Intel integrated GPUs (iGPU) running kernel versions prior to the patch. The restriction applies specifically to iGPU deployments; discrete GPU scenarios have different coherency semantics. Systems without Intel integrated graphics are unaffected. Verify your kernel version and GPU configuration against the vendor advisory.
Exploitability
Exploitation requires local code execution with sufficient privilege to invoke the madvise GPU memory ioctl. The attack is reliable once conditions are met but not remotely exploitable. No active exploitation is tracked in the KEV catalog. An attacker must understand GPU memory management APIs and timing to reliably capture stale data, but the underlying flaw is deterministic.
Remediation
Apply the kernel patch that adds validation to xe_vm_madvise_ioctl() to reject coh_none PAT indices on CPU-cached memory. Rebuild and deploy the updated kernel. No configuration changes or workarounds are required post-patch. Verify the patch commit 016ccdb674b8c899940b3944952c96a6a490d10a or later is included in your kernel release.
Patch guidance
Update your Linux kernel to a version containing the fix for CVE-2026-46309. Consult your distribution's advisory for specific patch version numbers and availability. For environments using Intel iGPUs in VMs or containers, prioritize this update to prevent cross-process memory leakage. Patch deployment can typically occur during standard maintenance windows as the fix carries no breaking changes.
Detection guidance
Monitor for unusual GPU madvise ioctl invocations, particularly those combining coh_none coherency flags with CPU-cached memory regions. Kernel audit logs (auditd) can capture madvise syscall patterns. GPU driver logs may reveal rejected PAT configuration attempts post-patch. Look for process behaviors attempting to enumerate or manipulate GPU memory coherency settings outside normal application scope. YARA rules targeting GPU memory API abuse patterns would be effective.
Why prioritize this
This vulnerability merits urgent attention due to its high CVSS (7.0), silent data exfiltration capability, and applicability to common deployment scenarios (cloud VMs, containers with iGPU passthrough). The privileged access requirement moderates risk slightly, but the lack of detection and deterministic nature of the flaw justify swift patching. It is not yet in active exploitation (KEV status false) but fits attacker profiles targeting multi-tenant isolation.
Risk score, explained
CVSS 7.0 (HIGH) reflects a high confidentiality impact with moderate complexity and low attack privilege. The local attack vector, requirement for higher privilege (PR:L), and moderate barriers to exploitability (AC:H) prevent a critical rating, but the integrity and availability impacts (writing stale data and potential DoS via resource exhaustion) elevate severity. The ability to leak across process boundaries and the silent nature of the attack justify the score.
Frequently asked questions
Can this vulnerability be exploited remotely?
No. CVE-2026-46309 requires local code execution with sufficient privilege to invoke GPU memory management ioctls. It is not remotely exploitable.
Does this affect discrete GPUs or only Intel iGPUs?
The patch restricts validation to integrated GPUs (iGPUs). Discrete GPU scenarios have different coherency guarantees. Verify your hardware configuration against the vendor advisory.
What data can be leaked?
Any data in freed memory pages before they are reallocated—including kernel buffers, cryptographic keys, sensitive application data, or other process memory. The scope depends on memory access patterns and timing.
Is there a workaround until patching is complete?
The most reliable workaround is to restrict unprivileged access to GPU ioctls using seccomp or LSM policies until your kernel is patched. However, patching is the recommended solution.
This analysis is provided for informational purposes and based on publicly available information as of the publication date. Patch version numbers and availability should be verified against official Linux kernel advisories and your distribution's security documentation. SEC.co makes no warranty regarding completeness or applicability to your specific environment. Always validate patches in a test environment before production deployment. Source: NVD (public-domain), retrieved 2026-07-16. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-46178HIGHLinux Kernel RDMA/mlx4 Resource Leak – HIGH Severity
- CVE-2026-46201HIGHLinux Xe Graphics Driver DMA-Buf Attachment Leak
- CVE-2026-46303HIGHLinux isofs Rock Ridge Information Disclosure Vulnerability
- CVE-2026-46109MEDIUMLinux Kernel USB ULPI Memory Leak – CVSS 5.5 Medium
- CVE-2026-46141MEDIUMPowerPC XIVE Memory Leak in MSI-X Interrupt Allocation
- CVE-2026-46143MEDIUMLinux QCOM Audio Driver Memory Leak – Availability Risk
- CVE-2026-46147MEDIUMLinux ARM64 KVM vCPU Initialization Pin Leak and Race Condition
- CVE-2026-46151MEDIUMLinux Kernel USB Printer Driver Heap Memory Leak