CVE-2026-52987

A flaw was found in the Linux kernel. A double free vulnerability exists in the drm/amdgpu component within the userq validate function. This issue arises because the drmexecfini function is called twice on the same execution object, which is not designed to be idempotent. An attacker could...

EUVD-2026-39898

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...

CVE-2026-53293

The CVE-2026-53293 entry concerns the Linux kernel DRM/AMDGPU code (AMDGPU_INFO_READ_MMR_REG). The issues reported were in the AMDGPU_INFO_READ_MMR_REG path where: (1) the reset semaphore lock order with mm_lock was incorrect (e.g., copy_to_user called while holding the lock), (2) memory was allo...

EUVD-2026-38855

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

CVE-2026-52987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

CVE-2026-52987

In the Linux kernel, CVE-2026-52987 arises from drm/amdgpu: double calls to drm_exec_fini() in userq_validate when new_addition is true. The code calls drm_exec_fini(&exec) before iterating HMM ranges and then, if amdgpu_ttm_tt_get_user_pages() fails, executes a second drm_exec_fini(&exec) on the...

CVE-2026-52987 drm/amdgpu: avoid double drm_exec_fini() in userq validate

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a NULL pointer dereferencing in amdgpugmcfilterfaultsremove. On APUs such as Raven and Renoir GC 9.1.0, 9.2.2, 9.3.0, the ih1 and ih2 interrupt ring buffers are not initialized. This is by design, as these...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a potential NULL pointer dereference in the atomctrlgetsmcsclkrangetable function. The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak has been fixed in hpdrxirqcreateworkqueue. If the construction of the array of work queues to handle hpdrxirq offload fails, we need to unwind the process. All created workqueues and the allocated memory...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: An off-by-one error occurred in dmdmuboutbox1lowirq. The condition ARRAYSIZE should be = ARRAYSIZE to prevent out-of-bounds access...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment, including TLB...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the calltrace warning in psphwfini. The call trace occurs when the amdgpu is removed after a mode1 reset. During a mode1 reset, from suspend to resume, there is no need to reinitialize the ta firmware buffer,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the amdgpuirqput call trace in gmcv100hwfini. The gmc.eccirq is enabled by the firmware based on the IFWI setting. The host driver does not have privileges to enable/disable the interrupt. Therefore, using the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed a kernel warning during topology setup This patch fixes the following kernel warning that occurred during driver loading by correctly initializing the p2plink attr before creating the sysfs file: +0.002865...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the NULL pointer issue in bufferfuncs. If SDMA block is not enabled, bufferfuncs will not be initialized. Fixing this issue ensures that the NULL pointer issue is addressed when bufferfuncs is not initialized...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validated user queue size constraints. Added validation to ensure that user queue sizes meet hardware requirements: - The size must be a power of two for efficient ring buffer wrapping. - The size must be at least...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The return value of init in amdgputtmclearbuffer. Otherwise, an uninitialized value may be returned if amdgpurescleared returns true for all regions. Possibly related to:...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed the UBSAN warning in kvdpm.c Added a bounds check for sumovidmappingentry...