[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"1f5d33e7b0a9a2a140f46e22fb52eede323c5946","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"9bc925759c05feae7dfa9570e77131d54729c8ea","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"36f9602fb22ede69fcc8b422be0cf8105bf655ad","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"be0376affcafa0bbb371bb501579a825eae32281","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"0e21db1a77967bc15df662efdca8ea8a61d124ea","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"30c000a49094ec568c9b51b7421f7a4a3f0b0298","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"3e26c76891ab99fa173e9c501119fbb5c9f4600f","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"095a8b0ad3c3b5cdc3850d961adb8a8f735220bb","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEq

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix zero-size GDS range init on RDNA4

RDNA4 (GFX 12) hardware removes the GDS, GWS, and OA on-chip memory
resources. The gfx_v12_0 initialisation code correctly leaves
adev->gds.gds_size, adev->gds.gws_size, and adev->gds.oa_size at
zero to reflect this.

amdgpu_ttm_init() unconditionally calls amdgpu_ttm_init_on_chip() for
each of these resources regardless of size. When the size is zero,
amdgpu_ttm_init_on_chip() forwards the call to ttm_range_man_init(),
which calls drm_mm_init(mm, 0, 0). drm_mm_init() immediately fires
DRM_MM_BUG_ON(start + size <= start) -- trivially true when size is
zero -- crashing the kernel during modprobe of amdgpu on an RX 9070 XT.

Guard against this by returning 0 early from
amdgpu_ttm_init_on_chip() when size_in_page is zero. This skips TTM
resource manager registration for hardware resources that are absent,
without affecting any other GPU type.

DRM_MM_BUG_ON() only asserts if CONFIG_DRM_DEBUG_MM is enabled in
the kernel config.  This is apparently rarely enabled as these chips
have been in the market for over a year and this issue was only reported
now.

Oops-Analysis: http://oops.fenrus.org/reports/bugzilla.korg/221376/report.html
(cherry picked from commit 5719ce5865279cad4fd5f01011fe037168503f2d)

https://git.kernel.org/stable/c/095a8b0ad3c3b5cdc3850d961adb8a8f735220bb

https://git.kernel.org/stable/c/0e21db1a77967bc15df662efdca8ea8a61d124ea

https://git.kernel.org/stable/c/1f5d33e7b0a9a2a140f46e22fb52eede323c5946

https://git.kernel.org/stable/c/30c000a49094ec568c9b51b7421f7a4a3f0b0298

https://git.kernel.org/stable/c/36f9602fb22ede69fcc8b422be0cf8105bf655ad

https://git.kernel.org/stable/c/3e26c76891ab99fa173e9c501119fbb5c9f4600f

https://git.kernel.org/stable/c/9bc925759c05feae7dfa9570e77131d54729c8ea

https://git.kernel.org/stable/c/be0376affcafa0bbb371bb501579a825eae32281