What is GHSA-237r-rx7w-5j6c?

GHSA-237r-rx7w-5j6c is a security advisory published by GitHub Security Advisories with High severity. In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job...

Which CVE IDs does GHSA-237r-rx7w-5j6c cover?

GHSA-237r-rx7w-5j6c covers the following CVE IDs: CVE-2026-45980. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-237r-rx7w-5j6c?

GHSA-237r-rx7w-5j6c has a CVSS v3 base score of 7.8, published by GitHub Security Advisories.

GHSA-237r-rx7w-5j6cHighCVSS 7.8

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job...

Vendor

GitHub Security Advisories

Published

May 27, 2026

Last Modified

May 30, 2026

🔗 CVE IDs covered (1)

CVE-2026-45980 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Stop job scheduling across aie2_release_resource()

Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes.

Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2026-45980
https://git.kernel.org/stable/c/688c3ff079b10e4600f040944430d3d4ff448a15
https://git.kernel.org/stable/c/b79d31dce49b50c79620389b3639280802a86960
https://git.kernel.org/stable/c/f1370241fe8045702bc9d0812b996791f0500f1b
https://github.com/advisories/GHSA-237r-rx7w-5j6c