SB2025081813 - Memory leak in Linux kernel amd amdkfd driver
Published: August 18, 2025
Security Bulletin ID
SB2025081813
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2025-38520)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the svm_range_split_head(), svm_range_split_by_granularity(), svm_range_add_list_work(), schedule_deferred_list_work(), svm_range_unmap_split(), svm_range_unmap_from_cpu() and svm_range_cpu_invalidate_pagetables() functions in drivers/gpu/drm/amd/amdkfd/kfd_svm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/145a56bd68f4bff098d59fbc7c263d20dfef4fc4
- https://git.kernel.org/stable/c/a7eb0a25010a674c8fdfbece38353ef7be8c5834
- https://git.kernel.org/stable/c/c1bde9d48e09933c361521720f77a8072083c83a
- https://git.kernel.org/stable/c/cf234231fcbc7d391e2135b9518613218cc5347f
- https://git.kernel.org/stable/c/e90ee15ce28c61f6d83a0511c3e02e2662478350