CVE-2026-43370 PUBLISHED

drm/amdgpu: Fix use-after-free race in VM acquire

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 09.05.2026

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Fix use-after-free race in VM acquire

Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both try to acquire the same VM after fork().

(cherry picked from commit c7c573275ec20db05be769288a3e3bb2250ec618)

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to ae87aea330c24f462fc7058ed543ba8bc6798447 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to 46d309996bd9251792d7dafdbaf615cf202b4447 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to e61e355cbe49e585097eee28c15b862bfb1c0668 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to c658c1c85ec235b7ecfbf8dbfee385b1332088f4 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to 904025fa8bba1d028adade33346372b4ac1a9249 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to 7885eb335d8f9e9942925d57e300a85e3f82ded4 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to 94b7782d0c8024f5b88454241c8d4777076c3786 (excl.)
  • affected from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad to 2c1030f2e84885cc58bffef6af67d5b9d2e7098f (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 4.17 is affected
  • unaffected from 0 to 4.17 (excl.)
  • unaffected from 5.10.253 to 5.10.* (incl.)
  • unaffected from 5.15.203 to 5.15.* (incl.)
  • unaffected from 6.1.167 to 6.1.* (incl.)
  • unaffected from 6.6.130 to 6.6.* (incl.)
  • unaffected from 6.12.78 to 6.12.* (incl.)
  • unaffected from 6.18.19 to 6.18.* (incl.)
  • unaffected from 6.19.9 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References