Linux Distros Unpatched Vulnerability : CVE-2026-45976

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con...

CVE-2026-46197

A flaw was found in the Linux kernel. A local attacker could exploit an out-of-bounds buffer access vulnerability in the AMDGPU kernel driver by providing a specially crafted attribute count during SVM ioctl operations. This improper validation could allow the attacker to cause a system crash,...

CVE-2026-46204

A flaw was found in the Linux kernel's AMD GPU Graphics Processing Unit driver, specifically within the drm/amdgpu/vcn4 component. This vulnerability allows for an out-of-bounds read when processing an Instruction Buffer IB. An attacker could potentially exploit this to read sensitive information...

CVE-2026-46218

A flaw was found in the Linux kernel's drm/amdgpu driver. The uvd/vce/vcn code accesses the Instruction Buffer IB without sufficient bounds checking, which could allow an attacker to trigger an out-of-bounds memory access. This vulnerability may lead to system instability or a denial of service...

CVE-2026-46220

A flaw was found in the Linux kernel's AMDGPU graphics driver drm/amdgpu/sdma4. An unprivileged local user could exploit this vulnerability by submitting specially crafted DRMIOCTLAMDGPUCS commands with misaligned fence writeback addresses. This could trigger a BUGON assertion, leading to a fatal...

CVE-2026-46204

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB Rewrite the IB parsing to use amdgpuibgetvalue which handles the bounds checks...

CVE-2026-46230 drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...

EUVD-2026-32856

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...

CVE-2026-46220 drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence emission

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/sdma4: replace BUGON with WARNON in fence emission sdmav40ringemitfence contains two BUGONaddr & 0x3 assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged...

EUVD-2026-32847

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/sdma4: replace BUGON with WARNON in fence emission sdmav40ringemitfence contains two BUGONaddr & 0x3 assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged...

EUVD-2026-32845

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

The vulnerability CVE-2026-46218 affects the Linux kernel DRM AMDGPU driver. The issue is in ib_get_value/ib_set_value where the uvd/vce/vcn code accessed the Instruction Buffer (IB) at predefined offsets without verifying the IB size, enabling out-of-bounds reads/writes. The root cause is missin...

SUSE CVE-2026-45853

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

SUSE CVE-2026-45947

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

PT-2026-44340

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885...

PT-2026-44341

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bounds checking issue exists in the Linux kernel DRM AMD GPU driver. The uvd, vce, and vcn components access the Indirect Buffer IB at predefined offsets without verifying if the IB is...

CVE-2026-45979

A flaw was found in the Linux kernel's amdgpu graphics driver. When the system experiences low memory conditions, a specific cleanup routine within the amdgpucsparserbos function may fail to properly unlock a mutex. This oversight can lead to resource contention, potentially causing a denial of...

EUVD-2026-32319

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpugmcgetnpsmemranges amdgpudiscoverygetnpsinfo internally allocates memory for ranges using kvcalloc, which may use vmalloc for large allocation. Using kfree to release vmalloc memor...

CVE-2026-45976

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...

UBUNTU-CVE-2026-45976

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...