CVE-2026-43195
AMDGPU GPU Page Size Validation Bypass
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | linux_kernel | * |
| amdgpu | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that your Linux kernel is updated to a version that includes the fix for validating user queue size constraints in the amdgpu driver.
Specifically, the fix enforces that user queue sizes are powers of two and at least the size of AMDGPU_GPU_PAGE_SIZE, preventing invalid configurations that could cause GPU faults or unexpected behavior.
Therefore, applying the latest kernel updates from your distribution or compiling a patched kernel version is the immediate step to prevent exploitation.
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's AMDGPU driver relates to improper validation of user queue sizes. Specifically, the driver did not ensure that the size of user queues met certain hardware requirements.
- The size must be a power of two to allow efficient ring buffer wrapping.
- The size must be at least AMDGPU_GPU_PAGE_SIZE to avoid undersized allocations.
Without these validations, invalid queue sizes could be configured, potentially causing GPU faults or unexpected behavior.
How can this vulnerability impact me? :
If exploited or triggered, this vulnerability could lead to GPU faults or unexpected behavior in systems using the AMDGPU driver.
Such faults might cause system instability, crashes, or degraded graphics performance, impacting the reliability of applications relying on GPU processing.