Description
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: clean up the amdgpu_cs_parser_bos

In low memory conditions, kmalloc can fail. In such conditions
unlock the mutex for a clean exit.

We do not need to amdgpu_bo_list_put as it's been handled in the
amdgpu_cs_parser_fini.
Published: 2026-05-27
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the AMDGPU command submission parser within the Linux kernel. During low‑memory situations, a kmalloc failure can occur. The parser then exits without unlocking its mutex, which can cause a deadlock or kernel hang. The supplied patch eliminates an unnecessary reference to the buffer‑object list and guarantees the mutex is released on allocation failure, preventing the deadlock scenario.

Affected Systems

Systems that run a Linux kernel with the AMDGPU driver and contain the legacy amdgpu_cs_parser_bos code path are affected. The CVE does not specify a particular kernel version, so any kernel that implements the old path could be impacted until the patch is applied.

Risk and Exploitability

No CVSS or EPSS score is reported, and the vulnerability is not listed in CISA KEV. Exploitation requires a low‑memory condition and affects only internal kernel structures, making the practical risk low to moderate. The primary concern is system stability rather than direct security compromise.

Generated by OpenCVE AI on May 27, 2026 at 18:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel patch from the following git references: https://git.kernel.org/stable/c/0905a1d4a5500ecf11f1c0079098e3a351d22163 and https://git.kernel.org/stable/c/f025a2b8d93358467b8e8f4b3a617e88c5f02fab
  • Upgrade to a later Linux kernel release that contains the fixed kernel source
  • Disable the AMDGPU driver if an upgrade or patch cannot be applied immediately, to prevent potential deadlock

Generated by OpenCVE AI on May 27, 2026 at 18:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-823

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpu_cs_parser_bos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpu_bo_list_put as it's been handled in the amdgpu_cs_parser_fini.
Title drm/amdgpu: clean up the amdgpu_cs_parser_bos
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:18:37.936Z

Reserved: 2026-05-13T15:03:33.090Z

Link: CVE-2026-45979

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:15.023

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-45979

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T21:00:13Z

Weaknesses