{"id":"CVE-2026-43369","summary":"drm/amd: Fix NULL pointer dereference in device cleanup","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix NULL pointer dereference in device cleanup\n\nWhen GPU initialization fails due to an unsupported HW block\nIP blocks may have a NULL version pointer. During cleanup in\namdgpu_device_fini_hw, the code calls amdgpu_device_set_pg_state and\namdgpu_device_set_cg_state which iterate over all IP blocks and access\nadev-\u003eip_blocks[i].version without NULL checks, leading to a kernel\nNULL pointer dereference.\n\nAdd NULL checks for adev-\u003eip_blocks[i].version in both\namdgpu_device_set_cg_state and amdgpu_device_set_pg_state to prevent\ndereferencing NULL pointers during GPU teardown when initialization has\nfailed.\n\n(cherry picked from commit b7ac77468cda92eecae560b05f62f997a12fe2f2)","modified":"2026-07-08T08:13:30.421570636Z","published":"2026-05-08T14:21:21.174Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43369.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/062ea905fff7756b2e87143ffccaece5cdb44267"},{"type":"WEB","url":"https://git.kernel.org/stable/c/43025c941aced9a9009f9ff20eea4eb78c61deb8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/767cd24d3c4ae847688877def4891943f6611ecd"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43369.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43369"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fc58ef30e0a1524ce72a8e873d773ba3b0830c7d"},{"fixed":"43025c941aced9a9009f9ff20eea4eb78c61deb8"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6d7ac4a0ebb6b7bc885274aa8b2bd9971f07013c"},{"fixed":"767cd24d3c4ae847688877def4891943f6611ecd"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"39fc2bc4da0082c226cbee331f0a5d44db3997da"},{"fixed":"062ea905fff7756b2e87143ffccaece5cdb44267"}]}],"versions":["v6.18.18","v6.18.17","v6.18.16","v6.19.8","v6.19.7","v6.19.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43369.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.18.16"},{"fixed":"6.18.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.6"},{"fixed":"6.19.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43369.json"}}],"schema_version":"1.7.5"}