SB20260626207 - Heap-based buffer overflow in Linux kernel amd amdkfd driver
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Heap-based buffer overflow (CVE-ID: CVE-2026-53143)
CWE-ID: CWE-122 - Heap-based Buffer Overflow
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to disclose sensitive information and corrupt memory.
The vulnerability exists due to a heap-based buffer overflow in the amdkfd v11 MQD manager SDMA queue checkpoint and restore handlers when processing CRIU checkpoint and restore operations for SDMA queues on GFX11. A local user can trigger checkpoint or restore of an SDMA queue to disclose sensitive information and corrupt memory.
The issue is specific to v11 SDMA queues on Navi3x during CRIU checkpoint and restore.
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/16dad1fb0d783a4008de30e32d0038c393de05b1
- https://git.kernel.org/stable/c/2c5b66c9b4057b385566940935ebc32f6e6ebfd2
- https://git.kernel.org/stable/c/352ea59028ea48a6fff77f19ae28f98f71946a80
- https://git.kernel.org/stable/c/d02f05d30f35b036f7cbaf72de634affb5b38ec6
- https://git.kernel.org/stable/c/d3efcadfe3eea5b4263b8f2d4463b15c9fc46a64