PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46276 Linux CVE debrief

A vulnerability was discovered in the Linux kernel related to the initialization of zero-size GDS range on RDNA4 hardware. The RDNA4 (GFX 12) hardware removes the GDS, GWS, and OA on-chip memory resources. However, the gfx_v12_0 initialization code correctly sets the sizes of these resources to zero to reflect this. The issue arises when amdgpu_ttm_init() unconditionally calls amdgpu_ttm_init_on_chip() for each of these resources, regardless of their size. When the size is zero, amdgpu_ttm_init_on_chip() calls ttm_range_man_init(), which in turn calls drm_mm_init(mm, 0, 0). This leads to a crash during the modprobe of amdgpu on an RX 9070 XT due to a DRM_MM_BUG_ON() assertion. To fix this, a check was added to return 0 early from amdgpu_ttm_init_on_chip() when the size is zero, preventing the registration of TTM resource managers for absent hardware resources.

Vendor
Linux
Product
Unknown
CVSS
Unknown
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-08
Original CVE updated
2026-06-08
Advisory published
2026-06-08
Advisory updated
2026-06-08

Who should care

Users of Linux kernel with RDNA4 hardware, specifically those with AMD GPUs like the RX 9070 XT.

Technical summary

The vulnerability is caused by the unconditional call to amdgpu_ttm_init_on_chip() for GDS, GWS, and OA resources, even when their sizes are zero. This leads to a crash due to a DRM_MM_BUG_ON() assertion. The fix involves adding a check to return early from amdgpu_ttm_init_on_chip() when the size is zero.

Defensive priority

Medium

Recommended defensive actions

  • Update the Linux kernel to a version that includes the fix for CVE-2026-46276.
  • Use resourceLinkAnnotations for more information: {cve-org} and {nvd}.

Evidence notes

The CVE record and NVD detail can be found at {cve-org} and {nvd}, respectively.

Official resources

CVE-2026-46276 was published on 2026-06-08T17:16:45.103Z.