Home

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfd_lookup_process_by_pid hold the kfd process reference to ensure it doesn't get destroyed while sending the segfault event to user space. Calling kfd_lookup_process_by_pid as function parameter leaks the kfd process refcount and miss the NULL pointer check if app process is already destroyed.

PUBLISHED Reserved 2025-04-16 | Published 2025-11-12 | Updated 2025-12-01 | Assigner Linux

Product status

Default status
unaffected

2d274bf7099bc5e95fabaa93f23d0eb2977187ad (git) before 60f6112fc9b3ba0eae519f10702c0c13bab45742
affected

2d274bf7099bc5e95fabaa93f23d0eb2977187ad (git) before 58e6fc2fb94f0f409447e5d46cf6a417b6397fbc
affected

Default status
affected

6.16
affected

Any version before 6.16
unaffected

6.17.4 (semver)
unaffected

6.18 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/60f6112fc9b3ba0eae519f10702c0c13bab45742

git.kernel.org/...c/58e6fc2fb94f0f409447e5d46cf6a417b6397fbc

cve.org (CVE-2025-40191)

nvd.nist.gov (CVE-2025-40191)

Download JSON