What is GHSA-w77m-3j47-48fr?

GHSA-w77m-3j47-48fr is a security advisory published by GitHub Security Advisories with unknown severity. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on...

Which CVE IDs does GHSA-w77m-3j47-48fr cover?

GHSA-w77m-3j47-48fr covers the following CVE IDs: CVE-2026-46229. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-w77m-3j47-48frunknown

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2026-46229 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure

KFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEASE but not AMDGPU_GEM_CREATE_VRAM_CLEARED, leaving freshly allocated VRAM with stale data from prior use observable by compute kernels.

The GEM ioctl path already sets VRAM_CLEARED for all userspace allocations via amdgpu_gem_create_ioctl() and amdgpu_mode_dumb_create(). The KFD path was missing this flag, allowing stale page table remnants to leak into user buffers.

This causes crashes in RCCL P2P transport where non-zero data in ptrExchange/head/tail fields corrupts the protocol handshake.

🔗 References (7)

https://nvd.nist.gov/vuln/detail/CVE-2026-46229
https://git.kernel.org/stable/c/047d44d8d29a6a1a5757256837aa9dd78e3cd0b5
https://git.kernel.org/stable/c/1db431380879fd9d28b763a88a0c0431be5be8df
https://git.kernel.org/stable/c/32b153658f017ad2f5bf8aab479e8d16ac95bc3a
https://git.kernel.org/stable/c/77d0b5d11387071770246fd0185a69fa28e8e109
https://git.kernel.org/stable/c/ad52d61d82181dbdb7f05826de38352d5e550cc2
https://github.com/advisories/GHSA-w77m-3j47-48fr