CVE-2026-46276
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/06/2026
Last modified:
08/07/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/amdgpu: fix zero-size GDS range init on RDNA4<br />
<br />
RDNA4 (GFX 12) hardware removes the GDS, GWS, and OA on-chip memory<br />
resources. The gfx_v12_0 initialisation code correctly leaves<br />
adev->gds.gds_size, adev->gds.gws_size, and adev->gds.oa_size at<br />
zero to reflect this.<br />
<br />
amdgpu_ttm_init() unconditionally calls amdgpu_ttm_init_on_chip() for<br />
each of these resources regardless of size. When the size is zero,<br />
amdgpu_ttm_init_on_chip() forwards the call to ttm_range_man_init(),<br />
which calls drm_mm_init(mm, 0, 0). drm_mm_init() immediately fires<br />
DRM_MM_BUG_ON(start + size
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.10.258 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.209 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.175 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.140 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.86 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.27 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.4 (excluding) |
| cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/095a8b0ad3c3b5cdc3850d961adb8a8f735220bb
- https://git.kernel.org/stable/c/0e21db1a77967bc15df662efdca8ea8a61d124ea
- https://git.kernel.org/stable/c/1f5d33e7b0a9a2a140f46e22fb52eede323c5946
- https://git.kernel.org/stable/c/30c000a49094ec568c9b51b7421f7a4a3f0b0298
- https://git.kernel.org/stable/c/36f9602fb22ede69fcc8b422be0cf8105bf655ad
- https://git.kernel.org/stable/c/3e26c76891ab99fa173e9c501119fbb5c9f4600f
- https://git.kernel.org/stable/c/9bc925759c05feae7dfa9570e77131d54729c8ea
- https://git.kernel.org/stable/c/be0376affcafa0bbb371bb501579a825eae32281



