HarborGuard / CVE
Back to search
HIGHCVE-2026-43370Published Modified CNA Linux

CVE-2026-43370: drm/amdgpu: Fix use-after-free race in VM acquire

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both try to acquire the same VM after fork(). (cherry picked from commit c7c573275ec20db05be769288a3e3bb2250ec618)

Metrics

CVSS v3.1
7.8
Severity
HIGH
Fixed in
0
Affected Products
2

Fix available

02c1030f2e84885cc58bffef6af67d5b9d2e7098f46d309996bd9251792d7dafdbaf615cf202b44475.10.2535.15.2036.1.1676.6.1306.12.786.18.196.19.97.07885eb335d8f9e9942925d57e300a85e3f82ded4904025fa8bba1d028adade33346372b4ac1a924994b7782d0c8024f5b88454241c8d4777076c3786ae87aea330c24f462fc7058ed543ba8bc6798447c658c1c85ec235b7ecfbf8dbfee385b1332088f4e61e355cbe49e585097eee28c15b862bfb1c0668
Affected packages
  • Linux / Linux
    < ae87aea330c24f462fc7058ed543ba8bc6798447 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad) · < 46d309996bd9251792d7dafdbaf615cf202b4447 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad) · < e61e355cbe49e585097eee28c15b862bfb1c0668 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad) · < c658c1c85ec235b7ecfbf8dbfee385b1332088f4 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad) · < 904025fa8bba1d028adade33346372b4ac1a9249 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad) · < 7885eb335d8f9e9942925d57e300a85e3f82ded4 (from ede0dd86f45adf2b7083bb161f6bc81da5fe2bad)
  • Linux / Linux
    4.17
    Fixed in 0, 5.10.253, 5.15.203, 6.1.167, 6.6.130, 6.12.78, 6.18.19, 6.19.9, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
CVE-2026-43370: drm/amdgpu: Fix use-after-free race in VM acquire | HarborGuard CVE