CVE-2026-23264
Use-After-Free in Linux AMDGPU Driver Causes System Crashes
Publication date: 2026-03-18
Last updated on: 2026-03-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel where a specific commit related to AMD GPU power management (ASPM) was reverted incorrectly. The reverted commit was meant to check if ASPM (Active State Power Management) is enabled from the PCIe subsystem. After a later commit removed this check, the reverted commit was mistakenly applied again, causing very hard to debug crashes on systems with two AMD GPUs when only one supports ASPM.
How can this vulnerability impact me? :
The vulnerability can cause very hard to debug system crashes on machines that have two AMD GPUs where only one of the GPUs supports ASPM. This can lead to system instability and potential downtime.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know