Lucene search
K

62 matches found

OSV
OSV
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53144 drm/amdkfd: fix NULL dereference in get_queue_ids()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52240

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL dereference exists in the get queue ids function within the drm/amdkfd component. When the usr queue id array is NULL and num queues is non-zero, the function returns NULL. Becaus...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References19
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.5 views

CVE-2026-52987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If amdgputtmttgetuserpag...

5.7AI score0.00131EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 4:29 p.m.14 views

CVE-2026-52987

In the Linux kernel, CVE-2026-52987 arises from drm/amdgpu: double calls to drm_exec_fini() in userq_validate when new_addition is true. The code calls drm_exec_fini(&exec) before iterating HMM ranges and then, if amdgpu_ttm_tt_get_user_pages() fails, executes a second drm_exec_fini(&exec) on the...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-52987 drm/amdgpu: avoid double drm_exec_fini() in userq validate

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51881

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free flaw exists in the drm/amdgpu component within the userq validate function. The issue occurs when amdgpu userq vm validate calls the drm exec fini function on an execution...

7.8CVSS5.9AI score0.00131EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/08 3:50 p.m.41 views

CVE-2026-46311 drm/amdgpu/userq: fix access to stale wptr mapping

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

7.8CVSS0.00112EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:50 p.m.7 views

CVE-2026-46311

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

5.4AI score0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 3:50 p.m.2 views

CVE-2026-46311 drm/amdgpu/userq: fix access to stale wptr mapping

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

7.8CVSS6.5AI score0.00112EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper access to the wptr mapping in the drm amdgpu userq component, potentially leading to...

7.8CVSS5.3AI score0.00112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.0 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- Cut here --- WARNING: CPU: 0 PID: 143192 at...

5.5CVSS6.3AI score0.00242EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Validated user queue size constraints. Added validation to ensure that user queue sizes meet hardware requirements: - The size must be a power of two for efficient ring buffer wrapping. - The size must be at least...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: The function validate doorbelloffset in user queue creation checks whether the doorbelloffset provided by the user is within the allowed range. The function amdgpuuserqgetdoorbellindex passes this value to...

7.1CVSS5.9AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fixed the issue of a reference leak during queue teardown in version 2. The user mode queue maintains a pointer to the most recent fence in userq-lastfence. This pointer retains an additional dmafence reference...

5.8AI score0.00177EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 10:10 p.m.9 views

CVE-2026-43400

A flaw was found in the Linux kernel's drm/amdgpu module. A local user could exploit this vulnerability by providing excessively large input values to the amdgpuuserqsignalioctl function. This lack of proper input validation can lead to an Out-Of-Memory OOM condition, causing a Denial of Service...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.9 views

EUVD-2026-28704

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28705

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...

5.8AI score0.00121EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39061

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the drm/amdgpu component where the amdgpu userq signal ioctl function lacks proper upper bound checks on user inputs. Providing excessively large input values can lead t...

5.5CVSS5.4AI score0.00126EPSS
Exploits0References14
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:8 a.m.11 views

drm/amdgpu: validate user queue size constraints

...

7.1CVSS5.8AI score0.00126EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/06 8:58 p.m.10 views

CVE-2026-43195

A flaw was found in the Linux kernel's drm/amdgpu graphics driver. This vulnerability arises from inadequate validation of user-provided queue sizes, which do not meet hardware requirements. An attacker could exploit this by supplying invalid queue size configurations, potentially leading to GPU...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
Rows per page
Query Builder