amdgpu driver

About this tag
The amdgpu driver tag covers Linux kernel vulnerabilities and fixes in AMD's open-source graphics driver, as discussed in recent WindowsForum threads. Topics include CVEs such as CVE-2026-46204 (OOB read in VCN 4), CVE-2026-43398 (OOM from user queue wait ioctl), CVE-2026-43400 (bounds check fix for OOM DoS), CVE-2026-43195 (user queue size validation), CVE-2026-43237 (stale DMA fences causing kernel panic), CVE-2026-43131 (null pointer dereference in RAS), CVE-2026-23468 (128k BO list limit to prevent exhaustion), and CVE-2026-23213 (safe SMU Mode 1 resets). These threads highlight that modern GPU drivers are privileged kernel subsystems with growing security and stability implications for Linux systems, including those in mixed Windows/Linux environments.
  1. CVE-2026-53293: AMDGPU Kernel Deadlock Fix for AMD Linux Graphics

    Linux kernel maintainers disclosed CVE-2026-53293 on June 26, 2026, for an AMDGPU driver flaw in AMDGPU_INFO_READ_MMR_REG that could deadlock systems because the driver mixed reset locking, memory allocation, and user-copy operations in the wrong order. The vulnerability is not a Windows bug...
  2. CVE-2026-46204 AMDGPU VCN 4 OOB Read: Patch Before CVSS Score Exists

    CVE-2026-46204 is a newly published Linux kernel vulnerability from kernel.org, disclosed by NVD on May 28, 2026, affecting AMDGPU VCN 4 command parsing in the drm/amdgpu driver and fixed by replacing unsafe indirect-buffer reads with a bounds-checked helper. The bug is not yet scored by NVD...
  3. CVE-2026-43398 AMDGPU Kernel Bug: OOM Risk From User Queue Wait ioctl

    CVE-2026-43398 is a newly published Linux kernel vulnerability, disclosed by kernel.org and listed by NVD on May 8, 2026, involving the AMDGPU driver’s user queue wait ioctl path, where oversized user-supplied values could trigger out-of-memory conditions. The fix is not glamorous: it adds an...
  4. CVE-2026-43400: AMDGPU Bounds Check Fix Prevents Linux Kernel OOM DoS

    CVE-2026-43400 is a newly published Linux kernel vulnerability, disclosed on May 8, 2026, in AMD’s open-source amdgpu driver, where oversized user input to the amdgpu_userq_signal_ioctl path can trigger out-of-memory conditions and potentially be abused for denial-of-service attacks. The fix is...
  5. CVE-2026-43195 AMDGPU Fix: Validating User Queue Sizes in the Linux Kernel

    CVE-2026-43195 is a newly published Linux kernel vulnerability, received by NVD from kernel.org on May 6, 2026, that fixes missing validation in AMDGPU user queue creation by requiring queue sizes to be powers of two and at least one AMDGPU GPU page. The bug is not a headline-grabbing remote...
  6. CVE-2026-43237 AMDGPU Kernel Bug: Stale DMA Fences Trigger Linux Kernel Panic

    CVE-2026-43237, published by NVD on May 6, 2026 after disclosure from kernel.org, is a Linux kernel amdgpu driver flaw in amdgpu_gem_va_ioctl that can trigger stale or freed DMA fence use during AMD GPU virtual-address timeline updates. The ugly part is not that a GPU driver can crash; anyone...
  7. CVE-2026-43131 Linux AMDGPU RAS Null Pointer: What Windows Admins Should Know

    CVE-2026-43131 is a newly published Linux kernel vulnerability, disclosed on May 6, 2026, in AMD’s GPU power-management driver, where systems with the SMU disabled can hit a null pointer dereference during RAS initialization. That sounds narrow, and in exploit terms it probably is. But the bug...
  8. AMDGPU CVE-2026-23468: Kernel Fix Adds 128k BO List Limit to Prevent Exhaustion

    A newly published Linux kernel CVE is drawing attention for a reason that is easy to miss at first glance: it is not a flashy code-execution bug, but a resource-exhaustion flaw in the AMDGPU driver that can let userspace request an absurd number of buffer-object list entries and consume far more...
  9. CVE-2026-23213: AMD GPU Linux Kernel Fix for Safe SMU Mode 1 Resets

    CVE-2026-23213 is a good example of how a small-looking kernel fix can carry outsized operational consequences for AMD GPU users. The underlying issue, titled “drm/amd/pm: Disable MMIO access during SMU Mode 1 reset,” centers on a brief but dangerous window in which the ASIC is resetting and...
  10. CVE-2025-37768: AMDGPU Division by Zero Patch for Linux Kernel

    The Linux kernel patch set that closed CVE-2025-37768 fixes a straightforward but impactful arithmetic bug in the AMD DRM driver: under certain conditions the amdgpu power-management code could perform a division by zero when a user-supplied fan speed value exceeded safe bounds, producing a...
  11. CVE-2025-37766: Azure Linux AMDGPU DoS and MSRC Attestations

    The Linux kernel vulnerability tracked as CVE-2025-37766 — a division-by-zero flaw in the AMD GPU power-management code (drm/amd/pm) — has reignited an important question for Microsoft customers: when Microsoft’s Security Response Center (MSRC) says “Azure Linux includes this open‑source library...
  12. Linux Kernel Patch CVE-2025-40354: AMD Display Stack Bounds and NULL Pointer Fix

    A small but important fix landed in the Linux kernel’s AMD display stack that corrects a sizing error and closes a local null‑pointer dereference in the DRM amdgpu code — a patch now tracked as CVE‑2025‑40354 that increases the driver’s maximum link count and guards against a NULL encoder access...
  13. Linux Kernel amdgpu BUG_ON removal fixes CVE-2025-68201 DoS risk

    A small but sharp fix landed in the Linux kernel this week: the amdgpu DRM driver had two invalid BUG_ON checks removed because they can be triggered trivially by unprivileged userspace, a defect now tracked as CVE‑2025‑68201 and addressed upstream in the stable kernel trees. Background /...
  14. CVE-2022-50393: AMDGPU SDMA Locking Fix and Linux Kernel Stability

    A small change in the Linux kernel’s AMDGPU driver has been tracked as CVE-2022-50393 — a fix that replaces a locked iterator with an unlocked iterator in an SDMA page-table update path — but the implications reach beyond a single warning message, touching kernel locking semantics, GPU/CPU...
  15. CVE-2023-53370: AMDGPU MES Fence Memory Leak Fixed in Linux Kernels

    The Linux kernel received a targeted fix for a memory-leak bug in the AMDGPU DRM driver — tracked as CVE-2023-53370 — that corrects how fences associated with an MES (Micro-Engine Scheduler) queue are cleaned up during ring finalization, closing a local denial-of-service and resource-exhaustion...
  16. CVE-2025-40334: AMDGPU VA Validation Patch Prevents Kernel Oops

    A locally reachable bug in the AMDGPU DRM driver was assigned CVE‑2025‑40334 after upstream Linux maintainers merged a defensive patch that validates user-provided GPU virtual addresses and buffer sizes for the userq (user-mode queue) facility, closing a reproducible crash/invalid-access...
  17. Linux Kernel Fix CVE-2025-40288: AMDGPU VRAM NULL Pointer Crash Resolved

    A small but important robustness fix landed in the Linux kernel this week to close CVE‑2025‑40288 — a NULL pointer dereference in the AMDGPU DRM driver’s VRAM logic that could crash systems using APU (accelerated processing unit) platforms or other configurations where the VRAM manager remains...
  18. CVE-2025-38011: Azure Linux Attestation and AMDGPU Risk Explained

    Microsoft’s brief advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is accurate — but it is a product‑scoped attestation, not a categorical statement that no other Microsoft product could include the same vulnerable kernel code. Background /...
  19. CVE-2024-49921: Linux Kernel AMDGPU NULL Pointer Dereference Fix

    A compact but consequential defensive fix in the Linux kernel’s AMD display driver has been tracked as CVE-2024-49921: a class of null pointer dereference bugs in drm/amd/display that, left unchecked, can produce deterministic kernel oopses and local denial-of-service (DoS) conditions on systems...
  20. Azure Linux CVE-2024-35931 Attestation: Is It the Only Microsoft Product Affected?

    Microsoft’s wording that “Azure Linux includes this open‑source library and is therefore potentially affected” is an important and verifiable product‑scope attestation — but it is not a blanket technical guarantee that no other Microsoft product contains the same vulnerable code. Background /...