Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed a deadlock issue during reading mqd from debugfs An erroneous disk backup on my desktop entered the debugfs directory, triggering the following deadlock scenario in the amdgpu debugfs files. The machine also...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check the streams before comparing them. WHAT & HOW amdgpudm can pass a null stream to dcisstreamunchanged. It is necessary to check for a null value before dereferencing these streams. This fix addresses a...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a null pointer access when the smcrreg pointer is NULL. In certain types of chips, such as VEGA20, reading the amdgpu regssmc file can lead to a null pointer access when the smcrreg pointer is NULL. Here are the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the potential null dereference issue. The adev-dm.dc pointer can be NULL, and it may be dereferenced in amdgpudmfini without any checks. A NULL pointer check should be added before calling dcdmubsrvdestroy...

Astra Linux – Vulnerability in Linux 5.10

In the dplinksettingswrite function in the file drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel, up to version 5.14.14, there is a vulnerability that allows for a heap-based buffer overflow by an attacker. This vulnerability arises because the attacker can write a strin...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset the IH OVERFLOWCLEAR bit. This also allows us to detect subsequent IH ring buffer overflows...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes during DSC validation. Starting with the commit 17ce8a6907f7 drm/amd/display: Add dsc pre-validation in atomic check, amdgpu resets the modeChanged flag to false when recomputin...

CVE-2026-31766

A flaw was found in the Linux kernel's AMD GPU amdgpu driver. A local user could exploit this vulnerability by providing a malformed doorbell offset during user queue creation. This lack of proper bounds checking allows the offset to exceed the allocated memory, potentially corrupting critical...

CVE-2026-31765

A flaw was found in the Linux kernel's AMDGPU driver. On systems configured with 64KB page sizes, a mismatch between the reserved trap area size and the allocated memory for the Kernel Fusion Driver KFD can lead to a kernel crash. A local user running specific applications, such as rocminfo or rc...

CVE-2026-31766

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbelloffset in user queue creation amdgpuuserqgetdoorbellindex passes the user-provided doorbelloffset to amdgpudoorbellindexonbar without bounds checking. An arbitrarily large doorbelloffset can cause the...

CVE-2026-31765

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

CVE-2026-31766

The CVE-2026-31766 issue affects the Linux kernel AMDGPU driver: amdgpu_userq_get_doorbell_index() passes user-supplied doorbell_offset to amdgpu_doorbell_index_on_bar() without proper bounds checking. An arbitrarily large doorbell_offset can drive the computed doorbell index outside the allocate...

EUVD-2026-26579

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbelloffset in user queue creation amdgpuuserqgetdoorbellindex passes the user-provided doorbelloffset to amdgpudoorbellindexonbar without bounds checking. An arbitrarily large doorbelloffset can cause the...

CVE-2026-31765

Summary: CVE-2026-31765 affects the Linux kernel AMDGPU driver. A mismatch between the reserved trap area (AMDGPU_VA_RESERVED_TRAP_SIZE) and the allocated KFD GPU memory on systems with 64KB pages can cause a kernel crash, including a NULL pointer dereference, when running certain GPU tests (e.g....

CVE-2026-31765 drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

CVE-2026-31765

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

EUVD-2026-26578

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mismatch between AMDGPUVARESERVEDTRAPSIZE and KFDCWSRTBATMASIZE in the drm amdgpu driver on 64K page...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the drm amdgpu driver not validating the doorbelloffset boundary in user queue creation, which could lead to...

PT-2026-36401

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbell offset in user queue creation amdgpu userq get doorbell index passes the user-provided doorbell offset to amdgpu doorbell index on bar without bounds checking. An arbitrarily large doorbell offset ca...