Volerion logoVolerion
Volerion logoVolerion

Linux Kernel AMDGPU User Queue Reference Leak Vulnerability

Vulnerability

A reference leak vulnerability has been identified in the Linux kernel's AMDGPU user queue implementation. This issue arises in the 'amdgpu_userq_wait_ioctl' function, where references to synchronization objects and timeline fences are not properly released when the ioctl operation is aborted due to the output array being too small. The vulnerability is present in Linux kernel versions 6.16 and later.

Impact

The vulnerability could lead to a reference leak, where unused references are not properly released, potentially causing memory management issues.

Reproduction

The vulnerability can be reproduced by invoking the 'amdgpu_userq_wait_ioctl' function with an output array that is too small to accommodate the required data. This will trigger the ioctl abortion process, during which the references to the syncobj and timeline fence are not properly dropped, leading to a reference leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: May 8, 2026, 9:01 PM
Updated: May 8, 2026, 9:01 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
7.8
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.