PT-2026-8158 · Linux+2 · Linux Kernel+4
Published: 2026-01-01 · Updated: 2026-05-22
CVE-2026-23163
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains a flaw in the drm/amdgpu subsystem, specifically within the amdgpu_gmc_filter_faults_remove() function. On APUs like Raven and Renoir (GC 9.1.0, 9.2.2, 9.3.0), the ih1 and ih2 interrupt ring buffers are not initialized. The issue arises because the function unconditionally uses ih1 to retrieve a timestamp, leading to a NULL pointer dereference when retry faults are enabled and the function is called during SVM page fault recovery. This can result in a kernel crash. The problem was exposed by a recent commit that changed the default retry fault handling for Renoir APUs. The fix involves adding a check for ih1.ring_size before accessing it and restoring soft ih support. The vulnerable function is amdgpu_gmc_filter_faults_remove(), which calls amdgpu_ih_decode_iv_ts_helper().
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
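The guard that the Description attributes to the fix, modelled in user-space C as an added example (not kernel code and not taken from this advisory). The struct layout, the function names, the dword-based ring_size, and the fallback to a software ring as a reading of "restoring soft ih support" are all assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified stand-in for an interrupt-handler (IH) ring, not the kernel struct. */
struct ih_ring {
    uint32_t *ring;      /* NULL when the ring was never initialized */
    unsigned ring_size;  /* in dwords here; 0 when never initialized */
};

struct irq_state {
    struct ih_ring ih1;      /* left uninitialized on the APUs named above */
    struct ih_ring ih_soft;  /* software ring (assumed fallback) */
};

/* Model of the timestamp decode: dereferences ih->ring with no check of its own. */
static uint64_t decode_ts(const struct ih_ring *ih, unsigned rptr)
{
    uint32_t dw1 = ih->ring[rptr + 1];
    uint32_t dw2 = ih->ring[rptr + 2];
    return dw1 | ((uint64_t)(dw2 & 0xffff) << 32);
}

/* Guard: only hand out a ring whose ring_size shows it was set up. */
static const struct ih_ring *pick_ts_ring(const struct irq_state *irq)
{
    if (irq->ih1.ring_size)
        return &irq->ih1;
    if (irq->ih_soft.ring_size)
        return &irq->ih_soft;
    return NULL;
}

/* Returns 0 and stores the timestamp, or -1 when no usable ring entry exists. */
static int fault_timestamp(const struct irq_state *irq, unsigned rptr, uint64_t *ts)
{
    const struct ih_ring *ih = pick_ts_ring(irq);
    if (!ih || rptr + 2 >= ih->ring_size)
        return -1;
    *ts = decode_ts(ih, rptr);
    return 0;
}

int main(void)
{
    uint32_t soft[4] = {0, 0x11223344u, 0xABCD0005u, 0}; /* constructed entry */
    struct irq_state apu = { {NULL, 0}, {soft, 4} };     /* ih1 never set up */
    uint64_t ts = 0;
    return fault_timestamp(&apu, 0, &ts);                /* 0: soft ring was used */
}
```

Calling decode_ts() directly on the zeroed ih1 of the constructed APU state reproduces the unguarded path: it reads through a NULL ring pointer.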
Exploit
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel
Raven
Renoir
Ubuntu
Amdgpu