SUSE CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43318

A flaw was found in the Linux kernel's drm/amdgpu component. A synchronization bug in the amdgpudmabufmovenotify function, which handles direct memory access buffer dmabuf movements, can lead to a page fault. This occurs when a process attempts to access a shared buffer while another process is...

drm/amdgpu: add upper bound check on user inputs in signal ioctl

...

SUSE CVE-2025-71294

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, bufferfuncs will not initialize, fix the null pointer issue if bufferfuncs not initialized...

SUSE CVE-2026-43237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...

CVE-2026-43400

A flaw was found in the Linux kernel's drm/amdgpu module. A local user could exploit this vulnerability by providing excessively large input values to the amdgpuuserqsignalioctl function. This lack of proper input validation can lead to an Out-Of-Memory OOM condition, causing a Denial of Service...

CVE-2026-43398

A flaw was found in the Linux kernel's amdgpu graphics driver. A local user could exploit this vulnerability by providing excessively large input values to the amdgpuuserqwaitioctl function. This improper input validation can lead to an Out-Of-Memory OOM condition, resulting in a Denial of Servic...

CVE-2026-43399

A flaw was found in the Linux kernel's AMD GPU amdgpu driver. Specifically, a reference leak occurs in the amdgpuuserqwaitioctl function. This issue arises when an I/O control ioctl operation is aborted because the output array provided is insufficient. A local attacker could exploit this to caus...

CVE-2026-43369

A flaw was found in the Linux kernel's drm/amd graphics driver. When a GPU initialization fails due to an unsupported hardware block, certain IP blocks may have a null version pointer. During the device cleanup process, the amdgpudevicesetpgstate and amdgpudevicesetcgstate functions attempt to...

CVE-2026-43298

A flaw was found in the amdgpu graphics driver within the Linux kernel. During deinitialization, the driver attempts to release a Video Core Next VCN poison interrupt request IRQ on a Virtual Function VF even when it was not enabled. This can cause a kernel warning and lead to system instability,...

EUVD-2026-28704

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

EUVD-2026-28705

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...

EUVD-2026-28675

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpudevicefinihw, the code calls...

EUVD-2026-28676

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

EUVD-2026-28602

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves the BO, it needs to inform process B about the move and process B will...

EUVD-2026-28568

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace during deinitialization. 71.913601 drm clean up the vf2pf work item 71.915088 ------------ cut here...

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

CVE-2026-43399

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...

CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...