CVE-2026-43369
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amd: Fix NULL pointer dereference in device cleanup
When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpu_device_fini_hw, the code calls amdgpu_device_set_pg_state and amdgpu_device_set_cg_state which iterate over all IP blocks and access adev->ip_blocks[i].version without NULL checks, leading to a kernel NULL pointer dereference.
Add NULL checks for adev->ip_blocks[i].version in both amdgpu_device_set_cg_state and amdgpu_device_set_pg_state to prevent dereferencing NULL pointers during GPU teardown when initialization has failed.
(cherry picked from commit b7ac77468cda92eecae560b05f62f997a12fe2f2)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | fc58ef30e0a1524ce72a8e873d773ba3b0830c7d < 43025c941aced9a9009f9ff20eea4eb78c61deb8 | affected |
| Linux | Linux | 6d7ac4a0ebb6b7bc885274aa8b2bd9971f07013c < 767cd24d3c4ae847688877def4891943f6611ecd | affected |
| Linux | Linux | 39fc2bc4da0082c226cbee331f0a5d44db3997da < 062ea905fff7756b2e87143ffccaece5cdb44267 | affected |
| Linux | Linux | 6.18.16 < 6.18.19 | affected |
| Linux | Linux | 6.19.6 < 6.19.9 | affected |
Weaknesses
References
- https://git.kernel.org/stable/c/43025c941aced9a9009f9ff20eea4eb78c61deb8
- https://git.kernel.org/stable/c/767cd24d3c4ae847688877def4891943f6611ecd
- https://git.kernel.org/stable/c/062ea905fff7756b2e87143ffccaece5cdb44267
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.