CVE-2026-23358Access of Uninitialized Pointer in Linux

CWE-824Access of Uninitialized Pointer7 documents6 sources
Severity
5.3MEDIUM
No vector
EPSS
0.0%
top 94.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result in accessing an uninitialized list. Initialize the list and hive properly so that it handles the error situation and also releases the reset domain lock which is acquired during error_detected callback

Affected Packages4 packages

Linuxlinux/linux_kernel6.16.06.18.17+1
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux732c6cefc1ecfc8de5d7a2029480798655d979d873e8bdf14248136459753252a438177df7ed8c7c+3
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2026-23358: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after2026-03-25
GHSA
GHSA-mg69-hwrw-4w98: In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered aft2026-03-25
OSV
drm/amdgpu: Fix error handling in slot reset2026-03-25

📋Vendor Advisories

2
Red Hat
kernel: drm/amdgpu: Fix error handling in slot reset2026-03-25
Debian
CVE-2026-23358: linux - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu:...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23358 Impact, Exploitability, and Mitigation Steps | Wiz