PT-2025-49052 · Linux+2 · Linux Kernel+2

Published

2025-12-04

Updated

2026-02-24

CVE-2025-40225

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's Panthor driver related to GPU virtual address (GPUVA) region unmapping. Specifically, a kernel panic can occur when userspace attempts to partially unmap a GPU virtual region. The issue arises because the driver pre-allocates memory for new drm gpuva structures needed during map/unmap operations, expecting only one new structure for unmapping, but a partial unmap can require two. This leads to a NULL pointer dereference and subsequent kernel panic. The vulnerability is triggered when the panthor gpuva sm step remap function is called during a partial unmap operation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-40225

OPENSUSE-SU-2026:20145-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20207-1

SUSE-SU-2026:20220-1

SUSE-SU-2026:20228-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

PT-2025-49052 · Linux+2 · Linux Kernel+2

CVE-2025-40225

Related Identifiers

Affected Products

References · 1350