CVE-2021-4460

HIGH

Linux Kernel - Out-of-bounds Read in DRM AMDKFD Queue Count Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand. This behaviour is undefined. Set num_sdma_queues or num_xgmi_sdma_queues to ULLONG_MAX, if the count is >= number of bits in the operand. Bug: https://gitlab.freedesktop.org/drm/amd/-/issues/1472

Scores

CVSS v3 7.1
EPSS 0.0015
EPSS Percentile 4.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-125
Status published
Products (13)
Linux/Linux < 3.19
Linux/Linux 3.19
Linux/Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 - 0c0356ef2498c1a250fe3846f30293f828737309
Linux/Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 - 1874b0ef1426b873de94c61861e38f29a8df714c
Linux/Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 - 3fdc5182700910a685d23df57d65166e8556a266
Linux/Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 - 50e2fc36e72d4ad672032ebf646cecb48656efe0
Linux/Linux 4a488a7ad71401169cecee75dc94bcce642e2c53 - 9069b1b542de8f3bbffef868aff41521b21485cf
Linux/Linux 5.10.36 - 5.10.*
Linux/Linux 5.11.20 - 5.11.*
Linux/Linux 5.12.3 - 5.12.*
... and 3 more
Published Oct 01, 2025
Tracked Since Feb 18, 2026