SB2026063008 - Improper handling of exceptional conditions in Linux kernel char agp driver

Description

This security bulletin contains information about 1 vulnerability.

1) Improper handling of exceptional conditions (CVE-ID: CVE-2026-53325)

CWE-ID: CWE-755 - Improper Handling of Exceptional Conditions

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper exception handling in agp_amd64_probe() in the AMD64 AGP driver when probing for AMD northbridge hardware in a virtualized environment without a physical AMD northbridge. A local user can trigger driver initialization to cause a denial of service.

The issue occurs because a negative error from cache_nbs() is not handled correctly, allowing initialization to continue until a NULL pointer is dereferenced in amd64_fetch_size().

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/0aa9b27c454c53074cde592eaceb442d30341585
• https://git.kernel.org/stable/c/53483a9f4ee9eeb18aa866ec16cce79e136987e1
• https://git.kernel.org/stable/c/b08472db93b1ccff84a7adec5779d47f0e9d3a30
• https://git.kernel.org/stable/c/cefe535a60a2e00e09f4b2689b0c8ffc6912459a