amdgpu driver

The Linux kernel patch set that closed CVE-2025-37768 fixes a straightforward but impactful arithmetic bug in the AMD DRM driver: under certain conditions the amdgpu power-management code could perform a division by zero when a user-supplied fan speed value exceeded safe bounds, producing a...

The Linux kernel vulnerability tracked as CVE-2025-37766 — a division-by-zero flaw in the AMD GPU power-management code (drm/amd/pm) — has reignited an important question for Microsoft customers: when Microsoft’s Security Response Center (MSRC) says “Azure Linux includes this open‑source library...

A small but important fix landed in the Linux kernel’s AMD display stack that corrects a sizing error and closes a local null‑pointer dereference in the DRM amdgpu code — a patch now tracked as CVE‑2025‑40354 that increases the driver’s maximum link count and guards against a NULL encoder access...

A small but sharp fix landed in the Linux kernel this week: the amdgpu DRM driver had two invalid BUG_ON checks removed because they can be triggered trivially by unprivileged userspace, a defect now tracked as CVE‑2025‑68201 and addressed upstream in the stable kernel trees. Background /...

A small change in the Linux kernel’s AMDGPU driver has been tracked as CVE-2022-50393 — a fix that replaces a locked iterator with an unlocked iterator in an SDMA page-table update path — but the implications reach beyond a single warning message, touching kernel locking semantics, GPU/CPU...

The Linux kernel received a targeted fix for a memory-leak bug in the AMDGPU DRM driver — tracked as CVE-2023-53370 — that corrects how fences associated with an MES (Micro-Engine Scheduler) queue are cleaned up during ring finalization, closing a local denial-of-service and resource-exhaustion...

A locally reachable bug in the AMDGPU DRM driver was assigned CVE‑2025‑40334 after upstream Linux maintainers merged a defensive patch that validates user-provided GPU virtual addresses and buffer sizes for the userq (user-mode queue) facility, closing a reproducible crash/invalid-access...

A small but important robustness fix landed in the Linux kernel this week to close CVE‑2025‑40288 — a NULL pointer dereference in the AMDGPU DRM driver’s VRAM logic that could crash systems using APU (accelerated processing unit) platforms or other configurations where the VRAM manager remains...

Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product could include the same vulnerable kernel code. Background /...

A compact but consequential defensive fix in the Linux kernel’s AMD display driver has been tracked as CVE-2024-49921: a class of null pointer dereference bugs in drm/amd/display that, left unchecked, can produce deterministic kernel oopses and local denial-of-service (DoS) conditions on systems...

Microsoft’s wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is an important and verifiable product‑scope attestation — but it is not a blanket technical guarantee that no other Microsoft product contains the same vulnerable code. Background /...

Microsoft’s published wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is an authoritative, product‑scoped attestation — but it is not a technical proof that no other Microsoft product contains the same vulnerable code. Independent evidence shows...