SUSE-SU-2023:3019-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: Updated to version 20230724 git commit 59fbffa9ec8e: - CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability bsc1213286. Bugfixes: - Fix qcom ASoC tglp WHENCE entry - Group all Conexant V4L devices together - Makefile, copy-firmware...

PT-2023-8458

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.12 Description The issue is related to a use-after-free error in the amdgpu cs wait all fences function, located in drivers/gpu/drm/amd/amdgpu/amdgpu cs.c. This error can occur due to a race condition,...

kernel: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpubolist mutex If amdgpucsvmhandling returns r != 0, then it will unlock the bolistmutex inside the function amdgpucsvmhandling and again on amdgpucsparserfini. This problem results in the...

kernel: drm/amdgpu: Off by one in dm_dmub_outbox1_low_irq()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in dmdmuboutbox1lowirq The ARRAYSIZE should be = ARRAYSIZE to prevent an out of bounds access...

kernel: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpubolist mutex If amdgpucsvmhandling returns r != 0, then it will unlock the bolistmutex inside the function amdgpucsvmhandling and again on amdgpucsparserfini. This problem results in the...

PT-2025-25961 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.20.0 Description: A use-after-free issue has been identified in the Linux kernel, specifically in the drm/amdgpu component. This issue arises when amdgpu cs vm handling returns a non-zero value, causing the bo...

PT-2025-38349

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the DRM/amdgpu module during the amdgpu ring fini function. The fences associated with the mes queue were not being freed, leading to a memory leak...

PT-2025-40689

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.2.2 Description A general protection fault may occur due to an error in the sdma v4 software finalization process. This issue affects the amdgpu driver and can lead to system instability. The fix addresses an...

linux-firmware bug fix and enhancement update

An update is available for linux-firmware. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The linux-firmware packages contain all of the firmware files that are...

GSD-2023-1002358 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini

drm/amdgpu/fence: Fix oops due to non-matching drmsched init/fini This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...

GSD-2023-1002326 drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini

drm/amdgpu/fence: Fix oops due to non-matching drmsched init/fini This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...

PT-2025-18800

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, which was causing a call trace warning and hang when removing an amdgpu device on GPUs with RAS enabled. The issue occurred during...

K62031468: Linux Kernel vulnerability CVE-2019-19060, CVE-2019-19067, CVE-2019-19069, CVE-2019-19081, CVE-2019-19083

Security Advisory Description CVE-2019-19060 A memory leak in the adisupdatescanmode function in drivers/iio/imu/adisbuffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption, aka CID-ab612b1daf41. CVE-2019-19067 DISPUTED Four memory leaks in the...

SUSE CVE-2021-42327

dplinksettingswrite in drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parsewritebufferintoparam...

GSD-2023-1002014 drm/amdgpu: Fixed bug on error when unloading amdgpu

drm/amdgpu: Fixed bug on error when unloading amdgpu This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

GSD-2023-1001998 drm/amdgpu: Fix potential NULL dereference

drm/amdgpu: Fix potential NULL dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

PT-2023-35090 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A bug was fixed in the Linux Kernel that occurs when unloading amdgpu. The actual impact and attack plausibility of this issue have not yet been proven. Recommendations: For Linux Kernel...

GSD-2023-1001705 drm/amdgpu: Fix potential NULL dereference

drm/amdgpu: Fix potential NULL dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

PT-2023-34802 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A bug was fixed in the Linux Kernel that occurs when unloading amdgpu. The actual impact and attack plausibility of this issue have not yet been proven. Recommendations: For Linux Kernel...

GSD-2023-1001472 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

amdgpu/pm: prevent array underflow in vega20odneditdpmtable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...