CVE-2026-43370
Use-After-Free Race in AMDGPU VM Acquisition in Linux Kernel
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free race condition in the Linux kernel's drm/amdgpu driver. It occurs when parent and child processes that share a drm_file both try to acquire the same virtual memory (VM) after a fork() system call. The issue arises because the assignment to vm->process_info was non-atomic, allowing a race condition. The fix replaces this assignment with an atomic compare-and-exchange operation (cmpxchg) to prevent the race.
How can this vulnerability impact me? :
This use-after-free race condition could potentially lead to memory corruption or unexpected behavior in the drm/amdgpu driver when processes share a drm_file and attempt to acquire the same VM concurrently. Such issues might cause system instability, crashes, or security risks such as privilege escalation or information disclosure, depending on how the corrupted memory is exploited.