Unrated severity · NVD Advisory · Published May 27, 2026 · Updated May 27, 2026

CVE-2026-45980

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Stop job scheduling across aie2_release_resource()

Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes.

Fix this by stopping job scheduling before calling aie2_release_resource() and restarting it after the release completes. Additionally, aie2_sched_job_run() now checks whether the hardware context is still active.

Patches

b79d31dce49b

accel/amdxdna: Stop job scheduling across aie2_release_resource()

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git · Lizhi Hou · Jan 30, 2026 · Fixed in 6.18.14 · via kernel-cna
1 file changed · +6 1
  • drivers/accel/amdxdna/aie2_ctx.c · +6 1 · modified
    diff --git a/drivers/accel/amdxdna/aie2_ctx.c b/drivers/accel/amdxdna/aie2_ctx.c
    index 75246c481fa50e..c3cb24d96cee3b 100644
    --- a/drivers/accel/amdxdna/aie2_ctx.c
    +++ b/drivers/accel/amdxdna/aie2_ctx.c
    @@ -317,6 +317,9 @@ aie2_sched_job_run(struct drm_sched_job *sched_job)
     	struct dma_fence *fence;
     	int ret;
     
    +	if (hwctx->status != HWCTX_STAT_READY)
    +		return NULL;
    +
     	if (!mmget_not_zero(job->mm))
     		return ERR_PTR(-ESRCH);
     
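Review bot: the new early exit in aie2_sched_job_run() returns NULL, while the failure path directly below it returns ERR_PTR(-ESRCH), so a job dropped because the context is no longer HWCTX_STAT_READY is not reported as an error the way a job with a dead mm is. Either return an ERR_PTR() here as well or add a one-line comment stating why NULL is the intended result for a context that is being torn down.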
    @@ -684,7 +687,10 @@ void aie2_hwctx_fini(struct amdxdna_hwctx *hwctx)
     	aie2_hwctx_wait_for_idle(hwctx);
     
     	/* Request fw to destroy hwctx and cancel the rest pending requests */
    +	drm_sched_stop(&hwctx->priv->sched, NULL);
     	aie2_release_resource(hwctx);
    +	hwctx->status = HWCTX_STAT_STOP;
    +	drm_sched_start(&hwctx->priv->sched, 0);
     
     	mutex_unlock(&xdna->dev_lock);
     	drm_sched_entity_destroy(&hwctx->priv->entity);
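Review bot: in aie2_hwctx_fini() the existing comment "Request fw to destroy hwctx and cancel the rest pending requests" now sits directly above drm_sched_stop() instead of the aie2_release_resource() call it describes. Move drm_sched_stop() above the comment, or extend the comment so it covers the stop, release, status update and start sequence as one unit.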
    
688c3ff079b1

accel/amdxdna: Stop job scheduling across aie2_release_resource()

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git · Lizhi Hou · Jan 30, 2026 · Fixed in 6.19.4 · via kernel-cna
1 file changed · +6 1
  • drivers/accel/amdxdna/aie2_ctx.c · +6 1 · modified
    diff --git a/drivers/accel/amdxdna/aie2_ctx.c b/drivers/accel/amdxdna/aie2_ctx.c
    index 42d876a427c595..2c36ed7e9639c0 100644
    --- a/drivers/accel/amdxdna/aie2_ctx.c
    +++ b/drivers/accel/amdxdna/aie2_ctx.c
    @@ -315,6 +315,9 @@ aie2_sched_job_run(struct drm_sched_job *sched_job)
     	struct dma_fence *fence;
     	int ret;
     
    +	if (hwctx->status != HWCTX_STAT_READY)
    +		return NULL;
    +
     	if (!mmget_not_zero(job->mm))
     		return ERR_PTR(-ESRCH);
     
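Review bot: the read of hwctx->status at the top of aie2_sched_job_run() has no visible lock or READ_ONCE(), whereas the writer in aie2_hwctx_fini() updates the field before mutex_unlock(&xdna->dev_lock). If the read is safe only because the scheduler is stopped whenever status changes, say so in a comment next to the check; otherwise pair it with READ_ONCE()/WRITE_ONCE() so the dependency is explicit.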
    @@ -693,7 +696,10 @@ void aie2_hwctx_fini(struct amdxdna_hwctx *hwctx)
     	aie2_hwctx_wait_for_idle(hwctx);
     
     	/* Request fw to destroy hwctx and cancel the rest pending requests */
    +	drm_sched_stop(&hwctx->priv->sched, NULL);
     	aie2_release_resource(hwctx);
    +	hwctx->status = HWCTX_STAT_STOP;
    +	drm_sched_start(&hwctx->priv->sched, 0);
     
     	mutex_unlock(&xdna->dev_lock);
     	drm_sched_entity_destroy(&hwctx->priv->entity);
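Review bot: hwctx->status = HWCTX_STAT_STOP is assigned only after aie2_release_resource() has returned, so during the release itself the status guard in aie2_sched_job_run() still sees the old value and the protection comes entirely from drm_sched_stop(). Consider setting the status before aie2_release_resource() so the guard also holds if the stop call is ever moved or dropped in a later refactor.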
    
f1370241fe80

accel/amdxdna: Stop job scheduling across aie2_release_resource()

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git · Lizhi Hou · Jan 30, 2026 · Fixed in 7.0 · via kernel-cna
1 file changed · +6 1
  • drivers/accel/amdxdna/aie2_ctx.c · +6 1 · modified
    diff --git a/drivers/accel/amdxdna/aie2_ctx.c b/drivers/accel/amdxdna/aie2_ctx.c
    index 5511ab2ef242cf..c4a58c00e442aa 100644
    --- a/drivers/accel/amdxdna/aie2_ctx.c
    +++ b/drivers/accel/amdxdna/aie2_ctx.c
    @@ -315,6 +315,9 @@ aie2_sched_job_run(struct drm_sched_job *sched_job)
     	struct dma_fence *fence;
     	int ret;
     
    +	if (hwctx->status != HWCTX_STAT_READY)
    +		return NULL;
    +
     	if (!mmget_not_zero(job->mm))
     		return ERR_PTR(-ESRCH);
     
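Review bot: the guard "if (hwctx->status != HWCTX_STAT_READY) return NULL;" in aie2_sched_job_run() drops the job silently, which makes a job lost during teardown indistinguishable from one that never reached the callback. A debug-level message naming the context at this point would make the skipped-job path diagnosable. The placement ahead of mmget_not_zero() is good, since nothing needs to be unwound on this exit.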
    @@ -705,7 +708,10 @@ void aie2_hwctx_fini(struct amdxdna_hwctx *hwctx)
     	aie2_hwctx_wait_for_idle(hwctx);
     
     	/* Request fw to destroy hwctx and cancel the rest pending requests */
    +	drm_sched_stop(&hwctx->priv->sched, NULL);
     	aie2_release_resource(hwctx);
    +	hwctx->status = HWCTX_STAT_STOP;
    +	drm_sched_start(&hwctx->priv->sched, 0);
     
     	mutex_unlock(&xdna->dev_lock);
     	drm_sched_entity_destroy(&hwctx->priv->entity);
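Review bot: the drm_sched_start() call in aie2_hwctx_fini() restarts the scheduler immediately before mutex_unlock() and drm_sched_entity_destroy(), and nothing in the hunk says why a scheduler on a context being destroyed is started again. If the intent is to let still-queued jobs reach aie2_sched_job_run() and exit through the new status check, state that in a comment above drm_sched_start(&hwctx->priv->sched, 0).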
    

Vulnerability mechanics

Root cause

"Missing synchronization in aie2_hwctx_fini() allows job scheduling to continue during hardware context resource release, leading to use-after-free."

Attack vector

An attacker with access to the AMD XDNA accelerator device can trigger a use-after-free by submitting GPU jobs via the DRM scheduler while the hardware context is being destroyed. The race occurs because `aie2_hwctx_fini()` releases resources (via `aie2_release_resource()`) without first stopping the scheduler; a concurrently running `aie2_sched_job_run()` may access freed memory belonging to the hardware context. The attacker needs only local access to the accelerator device and the ability to submit jobs; no special privileges beyond normal device access are required.

Affected code

The vulnerability is in `drivers/accel/amdxdna/aie2_ctx.c` within the functions `aie2_hwctx_fini()` and `aie2_sched_job_run()`. During hardware context destruction, `aie2_hwctx_fini()` calls `aie2_release_resource()` without first stopping the DRM scheduler, allowing new jobs to be dispatched concurrently with resource teardown.

What the fix does

The patch makes two changes in `aie2_ctx.c`. First, in `aie2_hwctx_fini()`, `drm_sched_stop()` is called before `aie2_release_resource()` to prevent any new jobs from being dispatched during resource teardown; after the release, `hwctx->status` is set to `HWCTX_STAT_STOP` and `drm_sched_start()` is called to resume scheduling. Second, in `aie2_sched_job_run()`, a new check returns NULL unless `hwctx->status == HWCTX_STAT_READY`, preventing stale job execution on a context that is being torn down. Together these close the race window that caused the use-after-free.
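
The interaction of the two changes can be checked with a small userspace model. This is an added illustration, not code from the kernel driver or the advisory: every name in it is hypothetical, and the race is modelled deterministically as one dispatch attempt interleaved with the release.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed userspace model; every name here is hypothetical. */
enum ctx_status { CTX_READY, CTX_STOP };

struct ctx {
    enum ctx_status status;
    bool res_live;      /* resources freed by the release step */
    bool sched_stopped; /* models drm_sched_stop()/drm_sched_start() */
    int pending;        /* jobs still queued */
    int stale_touches;  /* jobs that ran on released resources (the UAF) */
    int skipped;        /* jobs rejected by the status check */
};

/* One scheduler step: the run_job callback being dispatched. */
static void sched_tick(struct ctx *c, bool check_status)
{
    if (c->sched_stopped || c->pending == 0)
        return;
    c->pending--;
    if (check_status && c->status != CTX_READY) {
        c->skipped++;
        return;
    }
    if (!c->res_live)
        c->stale_touches++;
}

/* Teardown with one dispatch attempt interleaved inside the release. */
static struct ctx teardown(bool stop_sched, bool check_status, int queued)
{
    struct ctx c = { CTX_READY, true, stop_sched, queued, 0, 0 };

    c.res_live = false;            /* release begins */
    sched_tick(&c, check_status);  /* concurrent dispatch in the race window */
    c.status = CTX_STOP;           /* set after release, as in the patch */
    c.sched_stopped = false;       /* scheduler restarted */
    while (c.pending > 0)          /* remaining jobs drain */
        sched_tick(&c, check_status);
    return c;
}

int main(void)
{
    for (int s = 0; s < 2; s++)
        for (int k = 0; k < 2; k++)
            printf("stop=%d check=%d stale=%d\n", s, k,
                   teardown(s, k, 3).stale_touches);
    return 0;
}
```

In this model only the combination of both changes leaves zero stale accesses: stopping without the status check lets queued jobs run after the restart, and the status check without the stop still admits the job dispatched while the status is unchanged.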

Preconditions

  • auth: Attacker must have local access to the AMD XDNA accelerator device
  • input: Attacker must be able to submit DRM scheduler jobs to the hardware context

Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
