UBUNTU-CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

CVE-2026-43298

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm clean up the vf2pf work item 71.915088 ------------ cut here...

PT-2026-38940

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amdgpu component where Virtual Functions VF do not enable the VCN poison interrupt request irq in VCNv2.5. Attempting to release this irq during deinitializati...

drm/amdgpu: fix NULL pointer issue buffer funcs

...

CVE-2026-43237

A flaw was found in the Linux kernel's AMD GPU amdgpu driver. Incorrect management of graphics memory dmafence references within the amdgpugemvaioctl function can lead to a reference count underflow and a use-after-after-free condition. A local attacker could exploit this vulnerability to trigger...

CVE-2026-43195

A flaw was found in the Linux kernel's drm/amdgpu graphics driver. This vulnerability arises from inadequate validation of user-provided queue sizes, which do not meet hardware requirements. An attacker could exploit this by supplying invalid queue size configurations, potentially leading to GPU...

CVE-2025-71294

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, bufferfuncs will not initialize, fix the null pointer issue if bufferfuncs not initialized...

CVE-2025-71294

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, bufferfuncs will not initialize, fix the null pointer issue if bufferfuncs not initialized...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the user queue size constraint in the drm amdgpu mechanism. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the amdgpu graphics driver’s data allocation in the RAS module after bad page checking, potential...

PT-2026-37535

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the drm/amdgpu component allows for invalid user queue size configurations. The system fails to validate that queue sizes are a power of two for efficient ring buffer wrapping...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the UBSAN warning in kvdpm.c Added a bounds check for sumovidmappingentry...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The calltrace warning in amddrmbuddyfini has been fixed. The following call trace was observed when removing the amdgpu driver. This issue arises because the BOs allocated for PSP are not freed until after the driver ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed the shift out-of-bounds issue 567.613292 The shift exponent 255 is too large for the 64-bit type ‘long unsigned int’ 567.614498 CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic 3422.04.1-Ubunt...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the calltrace warning in psphwfini. The call trace occurs when the amdgpu is removed after a mode1 reset. During a mode1 reset, from suspend to resume, there is no need to reinitialize the ta firmware buffer,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args. This will assist in validating the userq input arguments and rejecting invalid userq requests during IOCTls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the amdgpuirqput call trace in gmcv100hwfini. The gmc.eccirq is enabled by the firmware based on the IFWI setting. The host driver does not have privileges to enable/disable the interrupt. Therefore, using the...