CVE-2025-38598

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A use-after-free issue exists in the amdgpu userq suspend function within the kernel's DRM/amdgpu subsystem. This can lead to a kernel bug as indicated by KASAN (Kernel Address Sanitizer) detecting a slab-use-after-free condition. The issue occurs during the amdgpu userq suspend process, specifically when reading memory at an address after it has been freed. The call trace indicates involvement of functions like amdgpu device fini hw, amdgpu driver unload kms, and pci device remove, suggesting a potential link to device removal or driver unloading.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.