CVE-2026-43370 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both try to acquire the same VM after fork(). (cherry picked from commit c7c573275ec20db05be769288a3e3bb2250ec618)

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2c1030f2e84885cc58bffef6af67d5b9d2e7098f
https://git.kernel.org/stable/c/46d309996bd9251792d7dafdbaf615cf202b4447
https://git.kernel.org/stable/c/7885eb335d8f9e9942925d57e300a85e3f82ded4
https://git.kernel.org/stable/c/904025fa8bba1d028adade33346372b4ac1a9249
https://git.kernel.org/stable/c/94b7782d0c8024f5b88454241c8d4777076c3786
https://git.kernel.org/stable/c/ae87aea330c24f462fc7058ed543ba8bc6798447
https://git.kernel.org/stable/c/c658c1c85ec235b7ecfbf8dbfee385b1332088f4
https://git.kernel.org/stable/c/e61e355cbe49e585097eee28c15b862bfb1c0668
https://lore.kernel.org/linux-cve-announce/2026050829-CVE-2026-43370-4d49@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-43370
https://www.cve.org/CVERecord?id=CVE-2026-43370

History

Sat, 09 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2026050829-CVE-2026-43370-4d49@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-43370 https://www.cve.org/CVERecord?id=CVE-2026-43370

Fri, 08 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-416

Fri, 08 May 2026 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child processes sharing a drm_file both try to acquire the same VM after fork(). (cherry picked from commit c7c573275ec20db05be769288a3e3bb2250ec618)
Title		drm/amdgpu: Fix use-after-free race in VM acquire
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2c1030f2e84885cc58bffef6af67d5b9d2e7098f https://git.kernel.org/stable/c/46d309996bd9251792d7dafdbaf615cf202b4447 https://git.kernel.org/stable/c/7885eb335d8f9e9942925d57e300a85e3f82ded4 https://git.kernel.org/stable/c/904025fa8bba1d028adade33346372b4ac1a9249 https://git.kernel.org/stable/c/94b7782d0c8024f5b88454241c8d4777076c3786 https://git.kernel.org/stable/c/ae87aea330c24f462fc7058ed543ba8bc6798447 https://git.kernel.org/stable/c/c658c1c85ec235b7ecfbf8dbfee385b1332088f4 https://git.kernel.org/stable/c/e61e355cbe49e585097eee28c15b862bfb1c0668

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-08T14:21:21.926Z

Updated: 2026-05-09T04:10:42.009Z

Reserved: 2026-05-01T14:12:56.006Z

Link: CVE-2026-43370

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-08T15:16:48.067

Modified: 2026-05-08T15:16:48.067

Link: CVE-2026-43370

Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43370 - Bugzilla

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object