Skip to main content

Linux EUVDEUVD-2026-15334

| CVE-2026-23358 MEDIUM
Use of Uninitialized Resource (CWE-908)
2026-03-25 Linux GHSA-mg69-hwrw-4w98
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SUSE
5.8 MEDIUM
AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
CVSS changed
Apr 24, 2026 - 19:07 NVD
5.5 (MEDIUM)
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 10:45 euvd
EUVD-2026-15334
Analysis Generated
Mar 25, 2026 - 10:45 vuln.today
CVE Published
Mar 25, 2026 - 10:27 nvd
N/A

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Fix error handling in slot reset

If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result in accessing an uninitialized list.

Initialize the list and hive properly so that it handles the error situation and also releases the reset domain lock which is acquired during error_detected callback.

(cherry picked from commit bb71362182e59caa227e4192da5a612b09349696)

AnalysisAI

A use-of-uninitialized-variable vulnerability exists in the Linux kernel's AMD GPU (drm/amdgpu) driver, specifically in the slot reset error handling path. When device recovery fails after a slot reset is called, the code branches to error handling logic that references an uninitialized hive pointer and accesses an uninitialized list, potentially leading to information disclosure or system instability. This affects Linux kernel versions across multiple stable branches, with patches available in the referenced commits.

Technical ContextAI

The vulnerability resides in the AMD GPU display/render driver (drm/amdgpu) within the Linux kernel, which manages PCIe Advanced Error Reporting (AER) and device recovery. The root cause is a CWE-457 (Use of Uninitialized Variable) condition where the hive pointer and associated list structures are not properly initialized before being dereferenced in the error-handling code path executed when pci_error_handler callbacks (specifically the slot_reset function) fail to recover the device. The drm/amdgpu driver is part of the Linux kernel's Direct Rendering Manager subsystem (CPE: cpe:2.3:a:linux:linux). Additionally, the reset domain lock acquired during the error_detected callback is not released in the failure scenario, creating a potential deadlock or resource leak.

RemediationAI

Update the Linux kernel to a version containing the fix from commit bb71362182e59caa227e4192da5a612b09349696 or its backports (commits 73e8bdf14248136459753252a438177df7ed8c7c, baf4e7968911635eb816870af0ea587ac1457052, or b57c4ec98c17789136a4db948aec6daadceb5024). For Debian/Ubuntu systems, check kernel security advisories for updated packages. For Red Hat/CentOS systems, check RHSA advisories. For other distributions, consult your vendor's security advisory page or update to the latest stable kernel version. Since this vulnerability only manifests during PCIe error recovery of AMD Radeon GPUs, systems without AMD GPU hardware or those with stable GPU configurations are at lower risk. Mitigating factors include ensuring system stability and monitoring for PCIe errors; however, kernel patching is the authoritative fix.

Vendor StatusVendor

Debian

linux
Release Status Fixed Version Urgency
bullseye not-affected - -
bullseye (security) fixed 5.10.251-1 -
bookworm not-affected - -
bookworm (security) fixed 6.1.164-1 -
trixie not-affected - -
trixie (security) fixed 6.12.74-2 -
forky, sid fixed 6.19.8-1 -
(unstable) fixed 6.19.8-1 -

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Availability Extension 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed

Share

EUVD-2026-15334 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy