CVE-2026-53293 PUBLISHED

drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG

Assigner: Linux
Reserved: 09.06.2026 Published: 26.06.2026 Updated: 26.06.2026

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG

There were multiple issues in that code.

First of all the order between the reset semaphore and the mm_lock was wrong (e.g. copy_to_user) was called while holding the lock.

Then we allocated memory while holding the reset semaphore which is also a pretty big bug and can deadlock.

Then we used down_read_trylock() instead of waiting for the reset to finish.

(cherry picked from commit 361b6e6b303d4b691f6c5974d3eaab67ca6dd90e)

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 8361e3f7882876d98ba98cae0d3149450dd80912 to 8c4254c8f5836e77ae83e7fc037f02b69f7a0977 (excl.)
  • affected from 9e823f307074c0f82b5f6044943b0086e3079bed to 61957c2e467b39b528a290016367d32a433fa846 (excl.)
  • affected from 9e823f307074c0f82b5f6044943b0086e3079bed to a31c3feb54b15a90232e497ad0e27e8a82052d8d (excl.)
  • affected from 9e823f307074c0f82b5f6044943b0086e3079bed to 5c29d20470d4566d1b68df57097d642d01f8b427 (excl.)
  • affected from 9e823f307074c0f82b5f6044943b0086e3079bed to 0ef196a208385b7d7da79f411c161b04e97283e2 (excl.)
  • Version 17a98c942cb106ec08564e8f43b5470a4dd5d3f6 is affected
  • Version 9a98563345697bdb1d3410ff428473b2e781f4db is affected
  • affected from 6.6.55 to 6.6.141 (excl.)
  • affected from 6.10.14 to 6.11 (excl.)
  • affected from 6.11.3 to 6.12 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.12 is affected
  • unaffected from 0 to 6.12 (excl.)
  • unaffected from 6.6.141 to 6.6.* (incl.)
  • unaffected from 6.12.91 to 6.12.* (incl.)
  • unaffected from 6.18.33 to 6.18.* (incl.)
  • unaffected from 7.0.10 to 7.0.* (incl.)
  • unaffected from 7.1 to * (incl.)

References