CVE-2026-46229
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel related to VRAM allocation in KFD. The absence of the AMDGPU_GEM_CREATE_VRAM_CLEARED flag allowed freshly allocated VRAM to contain stale data, leading to crashes in RCCL P2P transport.
Risk Assessment
Organizations may experience system crashes and data integrity issues in applications using RCCL P2P transport, potentially disrupting critical computational processes.
Recommendation
It is recommended to update the Linux kernel to a version that includes the fix for this vulnerability to ensure that VRAM allocations are properly cleared before use.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEASE but not AMDGPU_GEM_CREATE_VRAM_CLEARED, leaving freshly allocated VRAM with stale data from prior use observable by compute kernels. The GEM ioctl path already sets VRAM_CLEARED for all userspace allocations via amdgpu_gem_create_ioctl() and amdgpu_mode_dumb_create(). The KFD path was missing this flag, allowing stale page table remnants to leak into user buffers. This causes crashes in RCCL P2P transport where non-zero data in ptrExchange/head/tail fields corrupts the protocol handshake.

