Primary

Context

Linux Kernel FPU Protection Vulnerability in AMD Display Driver

Vulnerability

A vulnerability in the Linux kernel's AMD display driver can lead to a general protection fault, particularly when running WebGL Aquarium with DRM debug logs enabled. The issue arises in the 'dcn30_internal_validate_bw' function, where doubles are improperly initialized, creating a non-canonical address that causes a fault. This vulnerability affects several Linux kernel versions, including 5.15.30.

Impact

Exploitation of this vulnerability causes a general protection fault, disrupting normal operation and potentially leading to a crash.

Reproduction

The vulnerability can be reproduced by running the WebGL Aquarium application for an extended period while DRM debug logs are enabled. Within approximately ten minutes, the general protection fault will occur, likely due to the improper handling of floating-point data in the AMD display driver's bandwidth validation process.

Remediation

Users should update to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel FPU Protection Vulnerability in AMD Display Driver

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating