Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Local GPU device access at low privilege is required; AC:L because memory exhaustion can be deliberately induced; impact is strictly GPU availability with no confidentiality or integrity effect.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionNVD
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: clean up the amdgpu_cs_parser_bos
In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit.
We do not need to amdgpu_bo_list_put as it's been handled in the amdgpu_cs_parser_fini.
AnalysisAI
Improper mutex cleanup in the Linux kernel's amdgpu DRM driver allows a local low-privileged user to cause a GPU subsystem denial-of-service on systems equipped with AMD GPU hardware. When kmalloc fails under low memory conditions inside amdgpu_cs_parser_bos, the error path previously returned without releasing the held mutex, leaving it permanently locked and stalling GPU command submission for all users. No public exploit exists and the vulnerability is not listed in CISA KEV; with an EPSS of 0.02% (5th percentile), real-world exploitation risk is low.
Technical ContextAI
The vulnerability resides in the Direct Rendering Manager (DRM) subsystem's amdgpu driver, specifically in the amdgpu_cs_parser_bos() function, which is responsible for parsing and pinning buffer objects during GPU command submission (ioctl path). When the kernel's general-purpose allocator (kmalloc) returns NULL under memory pressure, the original code returned an error code without first releasing an internal mutex, violating the invariant that all acquired locks must be freed on every exit path. This is a classic improper locking defect (analogous to CWE-667: Improper Locking), though no CWE is formally assigned to this CVE. Notably, the fix correctly omits a call to amdgpu_bo_list_put because that cleanup is already handled downstream by amdgpu_cs_parser_fini. The affected CPE is cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*, scoped to the 6.19 stable series and pre-7.0 mainline, starting from commit 737da5363cc07c96d59f2ebaf9f9f87235becf1d.
RemediationAI
The primary fix is upgrading to Linux kernel 6.19.4 (for users on the 6.19 stable series) or applying the mainline patch targeting the 7.0 release. The upstream stable commits are available at https://git.kernel.org/stable/c/0905a1d4a5500ecf11f1c0079098e3a351d22163 (6.19 stable) and https://git.kernel.org/stable/c/f025a2b8d93358467b8e8f4b3a617e88c5f02fab (mainline), as referenced in the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-45979. Where patching is not immediately possible, restrict untrusted local user access to AMD GPU device nodes (e.g., /dev/dri/renderD* and /dev/dri/card*) via udev rules or cgroup device controller policies - note this will prevent affected users from running GPU workloads. Additionally, configuring memory overcommit controls (vm.overcommit_memory) to reduce the likelihood of kmalloc failures under pressure can reduce exposure, though this has system-wide memory management trade-offs.
Same technique Information Disclosure
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Linux Enterprise Desktop 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP7 | Not-Affected |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Not-Affected |
| SUSE Linux Enterprise High Availability Extension 15 SP7 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.3 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.4 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Micro 5.5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Legacy 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Public Cloud 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Module for Public Cloud 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Server 16.0 | Not-Affected |
| SUSE Linux Enterprise Server 16.0 | Not-Affected |
| SUSE Linux Enterprise Server 16.1 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Not-Affected |
| SUSE Linux Enterprise Server for SAP applications 16.0 | Not-Affected |
| SUSE Linux Enterprise Server for SAP applications 16.1 | Not-Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Not-Affected |
| SUSE Linux Enterprise Workstation Extension 15 SP7 | Not-Affected |
| SUSE Linux Micro 6.0 | Not-Affected |
| SUSE Linux Micro 6.0 | Not-Affected |
| SUSE Linux Micro 6.0 | Not-Affected |
| SUSE Linux Micro 6.1 | Not-Affected |
| SUSE Linux Micro 6.1 | Not-Affected |
| SUSE Linux Micro 6.1 | Not-Affected |
| SUSE Linux Micro 6.2 | Not-Affected |
| SUSE Linux Micro 6.2 | Not-Affected |
| SUSE Real Time Module 15 SP7 | Not-Affected |
| openSUSE Leap 16.0 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Live Patching 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Live Patching 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Not-Affected |
| SUSE Linux Enterprise Server 12 SP5-LTSS Extended Security | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP5-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Not-Affected |
| SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP6 | Not-Affected |
| SUSE Manager Proxy 4.3 | Not-Affected |
| SUSE Manager Proxy LTS 4.3 | Not-Affected |
| SUSE Manager Retail Branch Server 4.3 | Not-Affected |
| SUSE Manager Retail Branch Server LTS 4.3 | Not-Affected |
| SUSE Manager Server 4.3 | Not-Affected |
| SUSE Manager Server LTS 4.3 | Not-Affected |
| SUSE CaaS Platform 4.0 | Not-Affected |
| SUSE Enterprise Storage 6 | Not-Affected |
| SUSE Enterprise Storage 7 | Not-Affected |
| SUSE Enterprise Storage 7.1 | Not-Affected |
| SUSE Linux Enterprise Desktop 11 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Desktop 15 SP6 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3 | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS | Not-Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Not-Affected |
| SUSE Linux Enterprise Micro 5.0 | Not-Affected |
| SUSE Linux Enterprise Micro 5.1 | Not-Affected |
| SUSE Linux Enterprise Micro 5.2 | Not-Affected |
| SUSE Linux Enterprise Micro 5.2 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Basesystem 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Module for Development Tools 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Real Time 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 11 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-ESPOS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 12 SP4-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP1-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP2-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-BCL | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server 15 SP3-LTSS | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 12 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP1 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP2 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP3 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP4 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Not-Affected |
| SUSE Linux Enterprise Server for SAP Applications 15 SP5 | Not-Affected |
| SUSE Manager Proxy 4.0 | Not-Affected |
| SUSE Manager Proxy 4.1 | Not-Affected |
| SUSE Manager Proxy 4.2 | Not-Affected |
| SUSE Manager Retail Branch Server 4.0 | Not-Affected |
| SUSE Manager Retail Branch Server 4.1 | Not-Affected |
| SUSE Manager Retail Branch Server 4.2 | Not-Affected |
| SUSE Manager Server 4.0 | Not-Affected |
| SUSE Manager Server 4.1 | Not-Affected |
| SUSE Manager Server 4.2 | Not-Affected |
| SUSE OpenStack Cloud 9 | Not-Affected |
| SUSE OpenStack Cloud Crowbar 9 | Not-Affected |
| SUSE Real Time Module 15 SP4 | Not-Affected |
| SUSE Real Time Module 15 SP5 | Not-Affected |
| openSUSE Leap 15.3 | Not-Affected |
| openSUSE Leap 15.4 | Not-Affected |
| openSUSE Leap 15.4 | Not-Affected |
| openSUSE Leap 15.5 | Not-Affected |
| openSUSE Leap 15.5 | Not-Affected |
| openSUSE Leap 15.6 | Not-Affected |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32263
GHSA-83qm-f4cg-87hh