gpu

A small arithmetic oversight in the Linux kernel's AMD display stack—tracked as CVE-2024-47661—was patched with a surgical code change that prevents an integer overflow when a 32-bit value is assigned into an 8-bit field; while the flaw is not remotely exploitable, it carries a clear...

The Linux kernel’s AMD display subsystem received a targeted safety fix for CVE‑2024‑49920: a set of null‑pointer checks added to the DRM/AMD display code to prevent repeated dereferences of possibly NULL objects — a class of bugs that can trigger kernel crashes and sustained denial‑of‑service...

A Linux kernel vulnerability in the AMD DRM/display stack — tracked as CVE-2024-49972 — can leave driver state in an inconsistent condition when a Display Mode Library (DML) allocation fails, causing driver instability and a local denial-of-service until the host is rebooted or patched. The flaw...

A subtle null‑check omission in the AMD DRM display stack has been cataloged as CVE‑2024‑49893 — a low‑complexity, local NULL pointer dereference that can crash the kernel’s AMD display code path and produce a denial‑of‑service on affected Linux kernels; the fix is a small defensive check in...

A small but consequential change in the AMD Linux display driver — removing a register read from the DCN35 DMCUB diagnostic collection — was merged to upstream kernels to close CVE-2024-47662, a local, availability‑focused flaw that can hang the display microcontroller interface and block a...

The Linux kernel vulnerability tracked as CVE-2023-52485 exposes a deterministic denial‑of‑service condition in the AMD display driver: under certain power‑management races the driver can attempt to send commands to the DMCUB microcontroller while it is powered down, causing the command path to...

A small memory-handling bug in the AMD DRM display driver has been fixed upstream, but its implications for stability and shared systems deserve immediate attention: CVE-2024-53133 describes a failure to handle a DML (Display Mode Library) allocation error that can lead to a shallow-copy of...

A small but consequential defensive change landed in the Linux kernel’s AMD DRM display stack to eliminate a reliable kernel crash primitive: the patch adds a null check for pipe_ctx->plane_state inside dcn20_program_pipe, preventing a NULL-pointer dereference that could produce a driver oops...

A small, surgical change to the AMD display driver in the Linux kernel patched a deterministic NULL-pointer dereference that could crash systems when specific display code paths were exercised, and the fix — while tiny in code — is operationally significant because it removes a reliable...

A recently disclosed Linux-kernel vulnerability, tracked as CVE-2024-46730, affects the AMD DRM display subsystem (drivers/gpu/drm/amdgpu — the drm/amd/display code path) and can cause a deterministic denial-of-service by using a negative array index (tg_inst == -1) when the driver assumes at...

Microsoft’s short, product‑scoped attestation — that “Azure Linux includes this open‑source library and is therefore potentially affected” — is accurate and actionable for Azure Linux customers, but it is not a categorical proof that no other Microsoft product can or does include the same...

A small but important kernel change — replacing a sleeping mutex with a non‑sleeping spinlock in the AMDGPU driver’s RLCG register access path — has been tracked as CVE‑2025‑38104 and fixed upstream to eliminate a priority‑inversion and invalid‑wait context that could trigger kernel oopses or...

A small but consequential null-pointer dereference in the AMD DRM display stack — rooted in drivers/gpu/drm/amd/display and specifically dcn20_resource.c — has been tracked as CVE‑2024‑43899 and fixed upstream; the bug can cause a kernel oops or system hang when particular display code paths are...

A small, defensive change landed in the Linux kernel to neutralize a local denial‑of‑service that could crash hosts when debugging the AMD display DTN (Display Timing/Transfer‑Function) logger on DCN401 hardware — tracked as CVE‑2024‑43901 — and administrators should treat it as a pragmatic...

Microsoft’s MSRC advisory that “Azure Linux includes this open‑source library and is therefore potentially affected” is an authoritative, product‑scoped attestation — but it is not a categorical guarantee that no other Microsoft product contains the same vulnerable AMDGPU code; Azure Linux is...

In the Linux kernel security landscape, a medium‑severity vulnerability tracked as CVE‑2024‑42064 was disclosed affecting the AMD DRM display driver: a defect in drm/amd/display that can cause the driver to crash when a pipe index (pipe idx) is not set properly, and the upstream remedy is to...

A newly disclosed Linux kernel vulnerability in the AMD display driver — tracked as CVE-2024-56775 — can allow a local attacker to trigger memory corruption or resource exhaustion by upsetting the driver’s plane reference counting during a backup-and-restore operation, and a patch has been...

The Linux kernel vulnerability tracked as CVE‑2023‑52624 corrects a fragile interaction between the AMD display driver and a small display microcontroller (DMCUB): when the driver attempted to send GPINT mailbox commands while DMCUB was idle the hardware could hang the system, and the upstream...

A critical null-pointer dereference in the AMD Linux display driver (tracked as CVE-2025-39705) has been fixed upstream, and Microsoft’s public attestation names Azure Linux as a known, potentially affected Microsoft product — but that attestation covers only the inventory Microsoft has...

Headline Is Azure Linux truly the only Microsoft product that ships the vulnerable drm/amd/pm code (CVE‑2025‑38705)? Short answer, nuance first — no, not necessarily — but the practical impact depends on which Microsoft kernel builds you actually run. Lead Microsoft’s MSRC advisory for...