CVE-2025-40336

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/gpusvm: fix hmm_pfn_to_map_order() usage

Handle the case where the hmm range partially covers a huge page (like 2M), otherwise we can potentially end up doing something nasty like mapping memory which is outside the range, and maybe not even mapped by the mm. Fix is based on the xe userptr code, which in a future patch will directly use gpusvm, so needs alignment here.

v2:

  • Add kernel-doc (Matt B)
  • s/fls/ilog2/ (Thomas)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux99624bdff8670795b678eafa6509aaad3a5c0175 < 08e9fd78ba1b9e95141181c69cc51795c9888157affected
LinuxLinux99624bdff8670795b678eafa6509aaad3a5c0175 < c50729c68aaf93611c855752b00e49ce1fdd1558affected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References