CVE-2026-43369

Published: May 8, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpu_device_fini_hw, the code calls amdgpu_device_set_pg_state and amdgpu_device_set_cg_state which iterate over all IP blocks and access adev->ip_blocks[i].version without NULL checks, leading to a kernel NULL pointer dereference. Add NULL checks for adev->ip_blocks[i].version in both amdgpu_device_set_cg_state and amdgpu_device_set_pg_state to prevent dereferencing NULL pointers during GPU teardown when initialization has failed. (cherry picked from commit b7ac77468cda92eecae560b05f62f997a12fe2f2)

Vendor	Product	Versions
Linux	Linux	affected `fc58ef30e0a1524ce72a8e873d773ba3b0830c7d - < 43025c941aced9a9009f9ff20eea4eb78c61deb8` affected `6d7ac4a0ebb6b7bc885274aa8b2bd9971f07013c - < 767cd24d3c4ae847688877def4891943f6611ecd` affected `39fc2bc4da0082c226cbee331f0a5d44db3997da - < 062ea905fff7756b2e87143ffccaece5cdb44267`
Linux	Linux	affected `6.18.16 - < 6.18.19` affected `6.19.6 - < 6.19.9`

References

https://git.kernel.org/stable/c/43025c941aced9a9009f9ff20eea4eb78c61deb8

https://git.kernel.org/stable/c/767cd24d3c4ae847688877def4891943f6611ecd

https://git.kernel.org/stable/c/062ea905fff7756b2e87143ffccaece5cdb44267

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-43369

Description

Affected Products

References