CVE-2026-53293

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG

There were multiple issues in that code.

First of all the order between the reset semaphore and the mm_lock was wrong (e.g. copy_to_user) was called while holding the lock.

Then we allocated memory while holding the reset semaphore which is also a pretty big bug and can deadlock.

Then we used down_read_trylock() instead of waiting for the reset to finish.

(cherry picked from commit 361b6e6b303d4b691f6c5974d3eaab67ca6dd90e)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8361e3f7882876d98ba98cae0d3149450dd80912 < 8c4254c8f5836e77ae83e7fc037f02b69f7a0977affected
LinuxLinux9e823f307074c0f82b5f6044943b0086e3079bed < 61957c2e467b39b528a290016367d32a433fa846affected
LinuxLinux9e823f307074c0f82b5f6044943b0086e3079bed < a31c3feb54b15a90232e497ad0e27e8a82052d8daffected
LinuxLinux9e823f307074c0f82b5f6044943b0086e3079bed < 5c29d20470d4566d1b68df57097d642d01f8b427affected
LinuxLinux9e823f307074c0f82b5f6044943b0086e3079bed < 0ef196a208385b7d7da79f411c161b04e97283e2affected
LinuxLinux17a98c942cb106ec08564e8f43b5470a4dd5d3f6affected
LinuxLinux9a98563345697bdb1d3410ff428473b2e781f4dbaffected
LinuxLinux6.6.55 < 6.6.141affected
LinuxLinux6.10.14 < 6.11affected
LinuxLinux6.11.3 < 6.12affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.6.141 <= 6.6.*unaffected
LinuxLinux6.12.91 <= 6.12.*unaffected
LinuxLinux6.18.33 <= 6.18.*unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References