CVE-2026-43369

MEDIUM

Linux 6.18.16-6.18.19 and 6.19.6-6.19.9 - NULL Pointer Dereference in amdgpu_device_fini_hw

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpu_device_fini_hw, the code calls amdgpu_device_set_pg_state and amdgpu_device_set_cg_state which iterate over all IP blocks and access adev->ip_blocks[i].version without NULL checks, leading to a kernel NULL pointer dereference. Add NULL checks for adev->ip_blocks[i].version in both amdgpu_device_set_cg_state and amdgpu_device_set_pg_state to prevent dereferencing NULL pointers during GPU teardown when initialization has failed. (cherry picked from commit b7ac77468cda92eecae560b05f62f997a12fe2f2)

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/43025c941aced9a9009f9ff20eea4eb78c61deb8

https://git.kernel.org/stable/c/767cd24d3c4ae847688877def4891943f6611ecd

https://git.kernel.org/stable/c/062ea905fff7756b2e87143ffccaece5cdb44267

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (6)

Linux/Linux 39fc2bc4da0082c226cbee331f0a5d44db3997da - 062ea905fff7756b2e87143ffccaece5cdb44267

Linux/Linux 6.18.16 - 6.18.19

Linux/Linux 6.19.6 - 6.19.9

Linux/Linux 6d7ac4a0ebb6b7bc885274aa8b2bd9971f07013c - 767cd24d3c4ae847688877def4891943f6611ecd

Linux/Linux fc58ef30e0a1524ce72a8e873d773ba3b0830c7d - 43025c941aced9a9009f9ff20eea4eb78c61deb8

linux/linux_kernel 6.18.16 - 6.18.19

Published May 08, 2026

Tracked Since May 08, 2026