CVE-2026-46229
EUVD-2026-3285628.05.2026, 10:16
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEASE but not AMDGPU_GEM_CREATE_VRAM_CLEARED, leaving freshly allocated VRAM with stale data from prior use observable by compute kernels. The GEM ioctl path already sets VRAM_CLEARED for all userspace allocations via amdgpu_gem_create_ioctl() and amdgpu_mode_dumb_create(). The KFD path was missing this flag, allowing stale page table remnants to leak into user buffers. This causes crashes in RCCL P2P transport where non-zero data in ptrExchange/head/tail fields corrupts the protocol handshake.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.4 ≤ 𝑥 < 6.6.140 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.90 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.18.32 |
| linux | linux_kernel | 6.19 ≤ 𝑥 < 7.0.9 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||
|---|---|---|---|---|---|---|---|
| kernel-64kb |
| ||||||
| kernel-default |
| ||||||
| kernel-default-base |
| ||||||
| kernel-obs-build |
| ||||||
| kernel-source |
| ||||||
| kernel-zfcpdump |
|
Vulnerability Media Exposure
References