487 matches found
PT-2026-43843
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the amdgpu ras init function. When the amdgpu nbio ras sw init function fails, the system returns an error code immediately without freeing the allocated con...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: An off-by-one error occurred in dmdmuboutbox1lowirq. The condition ARRAYSIZE should be set to = ARRAYSIZE to prevent out-of-bounds access...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Install a stub fence into potential unused fence pointers. When using cpu to update page tables, VM update fences are unused. Instead, install a stub fence into these fence pointers, rather than setting them to NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validated user queue size constraints. Added validation to ensure that user queue sizes meet hardware requirements: - The size must be a power of two for efficient ring buffer wrapping. - The size must be at least...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed error handling in slot reset. If the device does not recover after the slot reset is called, it proceeds to the out label for error handling. There, it may make decisions based on uninitialized hive pointers,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: fixed out-of-bounds access to the mmhub client ID. Properly handled cid 0x140...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially trigger kernel warnings. Userspace can either deliberately pass in a too-small numfences value, or the required number can legitimately increase between the two calls to the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the virtual address and size of the userq buffer. It is necessary to validate the virtual address of the userq object to determine whether it is located in a valid vm mapping...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021610)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021610 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in applystateadjustrules Check the pointer value ...
SUSE CVE-2026-43370
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...
SUSE CVE-2026-43400
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...
EUVD-2026-28704
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43370
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...
UBUNTU-CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
CVE-2026-43370
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...
CVE-2026-43400
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...
CVE-2026-43399
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...
CVE-2026-43398
The CVE-2026-43398 entry concerns the Linux kernel amdgpu driver. A vulnerability arises from improper input validation in the userq_wait ioctl (amdgpu_userq_wait_ioctl), where excessively large input values can cause an Out-Of-Memory (OOM) situation, leading to Denial of Service. The root cause ...
CVE-2026-43370
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...