CVE-2025-38011

Summary: CVE-2025-38011 affects the Linux kernel DRM/amdgpu path (csa unmapping). The root cause is a use of an interruptible lock while unmapping the CSA and freeing GPU VM, which could lead to a memory leak and a warning backtrace when a signal is accepted after process exit and a VM lock wait ...

CVE-2025-38011 drm/amdgpu: csa unmap use uninterruptible lock

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrac...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Handle errors from amdgpucgscreatedevice in amdpowerplaycreate. Add error handling to propagate the failures of amdgpucgscreatedevice to the caller. When amdgpucgscreatedevice fails, release hwmgr and return -ENOMEM t...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a potential NULL pointer dereference in the atomctrlgetsmcsclkrangetable function. The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialization when the number of links is greater than maxlinks. Reason The Coverity report indicates an OVERRUN warning. There are only maxlinks elements within dc-links. The number of links can...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpudmhdcp.c copies pointers to amdgpudmconnector objects without incrementing the kref reference counts. When using a USB-C dock, and the dock is unplugged, the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix for the “use-after-free” bug. This bug can be triggered by sending a single amdgpugemuserptrioctl command to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jun...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Abrupt exit when failing to load firmware in pspinitcapmicrocode. In the function pspinitcapmicrocode, an abrupt exit should occur when attempting to load firmware fails; otherwise, it may lead to invalid memory acces...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: amdkfd: The gangctxbo memory object is properly freed when attempting to initialize the user queue. The destructor of the gtt bo is declared as: void amdgpuamdkfdfreegttmemstruct amdgpudevice adev, void memobj; This function take...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed an invalid context error in the dml helper. Why “BUG: Sleeping function called from invalid context” error. After: drm/amd/display: Protection was added for the FPU in dml2validate/dml21validate. The...

kernel: drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()'

An out-of-bounds access flaw was found in drivers/gpu/drm/amd/amdgpu/amdgpudiscovery.c in the Linux kernel. This issue may lead to a crash...

CLSA-2025-1749568993 kernel: Fix of 24 CVEs

vsock: Keep the binding until socket destruction CVE-2025-21756 - mt76: fix use-after-free by removing a non-RCU wcid pointer CVE-2022-49328 - bpf, testrun: Fix alignment problem in bpfprogtestrunskb CVE-2022-49840 - ASoC: core: Fix use-after-free in sndsocexit CVE-2022-49842 - net: sched: Fix...

CLSA-2025-1749548218 Fix of 6 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audi...

Fedora 42 : linux-firmware (2025-a5859c4a47)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a5859c4a47 advisory. Update to upstream 20250311: amdgpu: many firmware updates qcom: Update gpu firmwares for qcs8300 chipset add firmware for qat420xx devices amdgpu:...

The vulnerability of the amdgpu_dm_initialize_drm_device() function in the DRI driver allows a hacker to cause a system failure. This vulnerability relates to AMD GPU-based Linux operating system hardware.

The vulnerability of the amdgpudminitializedrmdevice function in the DRI driver for AMD graphics cards in Linux operating systems is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

Fedora: Security Advisory (FEDORA-2024-516b214c25)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-37903

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpudmhdcp.c copies pointers to amdgpudmconnector objects without incrementing the kref reference counts. When using a USB-C dock, and the dock is unplugged, the...

AZL-70376 CVE-2025-37903 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpudmhdcp.c copies pointers to amdgpudmconnector objects without incrementing the kref reference counts. When using a USB-C dock, and the dock is unplugged, the...

DEBIAN-CVE-2025-37903

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpudmhdcp.c copies pointers to amdgpudmconnector objects without incrementing the kref reference counts. When using a USB-C dock, and the dock is unplugged, the...

CVE-2025-37903

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpudmhdcp.c copies pointers to amdgpudmconnector objects without incrementing the kref reference counts. When using a USB-C dock, and the dock is unplugged, the...