CVE-2026-23358
Received Received - Intake
Use-After-Free in Linux Kernel AMDGPU Slot Reset Error Handling

Publication date: 2026-03-25

Last updated on: 2026-04-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result in accessing an uninitialized list. Initialize the list and hive properly so that it handles the error situation and also releases the reset domain lock which is acquired during error_detected callback. (cherry picked from commit bb71362182e59caa227e4192da5a612b09349696)
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-04-24
Generated
2026-05-07
AI Q&A
2026-03-25
EPSS Evaluated
2026-05-05
NVD
CVE-2026-23358
EUVD
EUVD-2026-15334
Affected Vendors & Products
Showing 10 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.16
linux linux_kernel From 6.19 (inc) to 6.19.7 (exc)
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel 7.0
linux linux_kernel From 6.16.1 (inc) to 6.18.17 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-908 The product uses or accesses a resource that has not been initialized.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's drm/amdgpu component related to error handling during a slot reset. If the device does not recover after a slot reset, the error handling code may access an uninitialized list due to an uninitialized hive pointer. This improper initialization can lead to incorrect behavior or potential crashes.


How can this vulnerability impact me? :

The vulnerability can cause the system to behave unpredictably or crash when error handling is triggered during a slot reset in the drm/amdgpu driver. This could lead to system instability or denial of service conditions if the device fails to recover properly.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability has been resolved by fixing error handling in the drm/amdgpu component of the Linux kernel. To mitigate this vulnerability, you should update your Linux kernel to a version that includes the fix (cherry picked from commit bb71362182e59caa227e4192da5a612b09349696). This ensures proper initialization of the list and hive pointers during error handling and releases the reset domain lock correctly.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart