CVE-2025-38011

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to unmap csa and free GPU vm, if signal is accepted and then waiting to take vm lock is interrupted and return, it causes memory leaking and below warning backtrace. Change to use uninterruptible wait lock fix the issue. WARNING: CPU: 69 PID: 167800 at amd/amdgpu/amdgpu_kms.c:1525 amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu] Call Trace: <TASK> drm_file_free.part.0+0x1da/0x230 [drm] drm_close_helper.isra.0+0x65/0x70 [drm] drm_release+0x6a/0x120 [drm] amdgpu_drm_release+0x51/0x60 [amdgpu] __fput+0x9f/0x280 ____fput+0xe/0x20 task_work_run+0x67/0xa0 do_exit+0x217/0x3c0 do_group_exit+0x3b/0xb0 get_signal+0x14a/0x8d0 arch_do_signal_or_restart+0xde/0x100 exit_to_user_mode_loop+0xc1/0x1a0 exit_to_user_mode_prepare+0xf4/0x100 syscall_exit_to_user_mode+0x17/0x40 do_syscall_64+0x69/0xc0 (cherry picked from commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5	Patch
https://git.kernel.org/stable/c/a0fa7873f2f869087b1e7793f7fac3713a1e3afe	Patch
https://git.kernel.org/stable/c/a1adc8d9a0d219d4e88672c30dbc9ea960d73136	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.15:rc6::::::

History

17 Nov 2025, 12:56

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5 -~~	() https://git.kernel.org/stable/c/8d71c3231b33e24a911b8f2d8c3a17ee40aa32d5 - Patch
References	~~() https://git.kernel.org/stable/c/a0fa7873f2f869087b1e7793f7fac3713a1e3afe -~~	() https://git.kernel.org/stable/c/a0fa7873f2f869087b1e7793f7fac3713a1e3afe - Patch
References	~~() https://git.kernel.org/stable/c/a1adc8d9a0d219d4e88672c30dbc9ea960d73136 -~~	() https://git.kernel.org/stable/c/a1adc8d9a0d219d4e88672c30dbc9ea960d73136 - Patch
CWE		CWE-401
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: csa unmap usa un bloqueo ininterrumpible. Tras salir del proceso para desasignar csa y liberar la máquina virtual de la GPU, si se acepta la señal y se interrumpe la espera para obtener el bloqueo de la máquina virtual y se retorna, se produce una fuga de memoria y un seguimiento inverso inferior a la advertencia. Cambiar al uso de un bloqueo de espera ininterrumpible soluciona el problema. ADVERTENCIA: CPU: 69 PID: 167800 en amd/amdgpu/amdgpu_kms.c:1525 amdgpu_driver_postclose_kms+0x294/0x2a0 [amdgpu] Seguimiento de llamadas: drm_file_free.part.0+0x1da/0x230 [drm] drm_close_helper.isra.0+0x65/0x70 [drm] drm_release+0x6a/0x120 [drm] amdgpu_drm_release+0x51/0x60 [amdgpu] __fput+0x9f/0x280 ____fput+0xe/0x20 task_work_run+0x67/0xa0 do_exit+0x217/0x3c0 do_group_exit+0x3b/0xb0 get_signal+0x14a/0x8d0 arch_do_signal_or_restart+0xde/0x100 exit_to_user_mode_loop+0xc1/0x1a0 exit_to_user_mode_prepare+0xf4/0x100 syscall_exit_to_user_mode+0x17/0x40 do_syscall_64+0x69/0xc0 (seleccionado de el commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab)
CPE		cpe:2.3:o:linux:linux_kernel:6.15:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.15:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.15:rc2::::::
First Time		Linux Linux linux Kernel

18 Jun 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 10:15

Updated : 2025-11-17 12:56

NVD link : CVE-2025-38011

Mitre link : CVE-2025-38011

CVE.ORG link : CVE-2025-38011

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10