5.5

CVE-2026-46276

drm/amdgpu: fix zero-size GDS range init on RDNA4

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix zero-size GDS range init on RDNA4

RDNA4 (GFX 12) hardware removes the GDS, GWS, and OA on-chip memory
resources. The gfx_v12_0 initialisation code correctly leaves
adev->gds.gds_size, adev->gds.gws_size, and adev->gds.oa_size at
zero to reflect this.

amdgpu_ttm_init() unconditionally calls amdgpu_ttm_init_on_chip() for
each of these resources regardless of size. When the size is zero,
amdgpu_ttm_init_on_chip() forwards the call to ttm_range_man_init(),
which calls drm_mm_init(mm, 0, 0). drm_mm_init() immediately fires
DRM_MM_BUG_ON(start + size <= start) -- trivially true when size is
zero -- crashing the kernel during modprobe of amdgpu on an RX 9070 XT.

Guard against this by returning 0 early from
amdgpu_ttm_init_on_chip() when size_in_page is zero. This skips TTM
resource manager registration for hardware resources that are absent,
without affecting any other GPU type.

DRM_MM_BUG_ON() only asserts if CONFIG_DRM_DEBUG_MM is enabled in
the kernel config.  This is apparently rarely enabled as these chips
have been in the market for over a year and this issue was only reported
now.

Oops-Analysis: http://oops.fenrus.org/reports/bugzilla.korg/221376/report.html
(cherry picked from commit 5719ce5865279cad4fd5f01011fe037168503f2d)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.86
LinuxLinux Kernel Version >= 6.13 < 6.18.27
LinuxLinux Kernel Version >= 6.19 < 7.0.4
LinuxLinux Kernel Version7.1 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/1f5d33e7b0a9a2a140f46e22fb52eede323c5946
Patch
https://git.kernel.org/stable/c/9bc925759c05feae7dfa9570e77131d54729c8ea
Patch
https://git.kernel.org/stable/c/36f9602fb22ede69fcc8b422be0cf8105bf655ad
Patch
https://git.kernel.org/stable/c/be0376affcafa0bbb371bb501579a825eae32281
Patch
https://git.kernel.org/stable/c/0e21db1a77967bc15df662efdca8ea8a61d124ea
Patch
https://git.kernel.org/stable/c/30c000a49094ec568c9b51b7421f7a4a3f0b0298
Patch
https://git.kernel.org/stable/c/3e26c76891ab99fa173e9c501119fbb5c9f4600f
Patch
https://git.kernel.org/stable/c/095a8b0ad3c3b5cdc3850d961adb8a8f735220bb
Patch