CVE-2025-40191

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Fix kfd process ref leaking when userptr unmapping

kfd_lookup_process_by_pid hold the kfd process reference to ensure it doesn't get destroyed while sending the segfault event to user space.

Calling kfd_lookup_process_by_pid as function parameter leaks the kfd process refcount and miss the NULL pointer check if app process is already destroyed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux2d274bf7099bc5e95fabaa93f23d0eb2977187ad < 60f6112fc9b3ba0eae519f10702c0c13bab45742affected
LinuxLinux2d274bf7099bc5e95fabaa93f23d0eb2977187ad < 58e6fc2fb94f0f409447e5d46cf6a417b6397fbcaffected
LinuxLinux6.16affected
LinuxLinux0 < 6.16unaffected
LinuxLinux6.17.4 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References