CVE-2025-37854
drm/amdkfd: Fix mode1 reset crash issue
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
09 May 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Fix mode1 reset crash issue
If HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal
user space to abort the processes. After process abort exit, user queues
still use the GPU to access system memory before h/w is reset while KFD
cleanup worker free system memory and free VRAM.
There is use-after-free race bug that KFD allocate and reuse the freed
system memory, and user queue write to the same system memory to corrupt
the data structure and cause driver crash.
To fix this race, KFD cleanup worker terminate user queues, then flush
reset_domain wq to wait for any GPU ongoing reset complete, and then
free outstanding BOs.
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/57c9dabda80ac167de8cd71231baae37cc2f442dhttps://git.kernel.org/stable/c/6f30a847432cae84c7428e9b684b3e3fa49b2391https://git.kernel.org/stable/c/89af6b39f028c130d4362f57042927f005423e6ahttps://git.kernel.org/stable/c/9c4bcdf4068aae3e17e31c144300be405cfa03ffhttps://git.kernel.org/stable/c/f0b4440cdc1807bb6ec3dce0d6de81170803569bhttps://git.kernel.org/stable/c/ffd37d7d44d7e0b6e769d4fe6590e327f8cc3951https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html