PT-2025-20505 · Linux+6 · Linux Kernel+6

Published

2025-02-27

·

Updated

2026-04-20

·

CVE-2025-37854

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free race bug exists in the Linux kernel, specifically in the drm/amdkfd component. This issue occurs when the HW scheduler hangs and a mode1 reset is used to recover the GPU. After the process aborts, user queues still access system memory before it is reset, while the KFD cleanup worker frees system memory and VRAM. This can lead to the corruption of data structures and cause a driver crash. The bug is related to the KFD allocation and reuse of freed system memory.
Recommendations To fix this issue, the KFD cleanup worker should terminate user queues, then flush the reset domain wq to wait for any GPU ongoing reset to complete, and then free outstanding BOs. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-12071
CVE-2025-37854
DLA-4193-1
ECHO-539D-BC58-B654
OESA-2025-1823
OESA-2025-1824
OESA-2025-1870
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu