Description
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected()

Fixes a NULL pointer dereference when ras_core is NULL and ras_core->dev
is accessed in the error path.

Reported by: Dan Carpenter <dan.carpenter@linaro.org>
Published: 2026-06-26
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the AMD RAS driver for Linux causes a null pointer dereference when the variable ras_core is null and its member dev is accessed during an error path. The result is a kernel panic that leads to a denial of service. The underlying weakness is a classic NULL pointer dereference (CWE‑476).

Affected Systems

All Linux kernels that include the AMD RAS driver but have not applied the commit that inserts the null‑check are affected. This encompasses any distribution shipping a kernel version prior to the patch, as the CVE is listed for Linux:Linux.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity. The EPSS score of <1% suggests a low probability of exploitation. It is not listed in the CISA KEV catalog. Based on the description, the bug appears during an error path that likely requires local or privileged execution; thus exploitation most probably originates from a local attacker with sufficient kernel access. The risk to confidentiality and integrity is low, whereas availability is impacted if a crash occurs.

Generated by OpenCVE AI on June 30, 2026 at 02:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to a version that contains the ras_core_ras_interrupt_detected null‑check patch.
  • Reboot the system to load the updated kernel and ensure the AMD RAS driver functions correctly.
  • If a newer kernel is not immediately available, consider disabling the AMD RAS driver (e.g., by unloading it with modprobe –r) until the patch becomes available as a temporary mitigation.

Generated by OpenCVE AI on June 30, 2026 at 02:09 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 30 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected() Fixes a NULL pointer dereference when ras_core is NULL and ras_core->dev is accessed in the error path. Reported by: Dan Carpenter <dan.carpenter@linaro.org>
Title drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:41:08.988Z

Reserved: 2026-06-09T07:44:35.397Z

Link: CVE-2026-53316

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-26T00:00:00Z

Links: CVE-2026-53316 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-30T02:15:03Z

Weaknesses