CVE-2025-40191
Linux Kernel - Use-After-Free in drm/amdkfd Userptr Unmapping
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfd_lookup_process_by_pid hold the kfd process reference to ensure it doesn't get destroyed while sending the segfault event to user space. Calling kfd_lookup_process_by_pid as function parameter leaks the kfd process refcount and miss the NULL pointer check if app process is already destroyed.
References (2)
Core 2
Scores
EPSS
0.0017
EPSS Percentile
6.4%
Details
Status
published
Products (7)
linux/Kernel
6.16.0 - 6.17.4linux
Linux/Linux
< 6.16
Linux/Linux
2d274bf7099bc5e95fabaa93f23d0eb2977187ad - 58e6fc2fb94f0f409447e5d46cf6a417b6397fbc
Linux/Linux
2d274bf7099bc5e95fabaa93f23d0eb2977187ad - 60f6112fc9b3ba0eae519f10702c0c13bab45742
Linux/Linux
6.16
Linux/Linux
6.17.4 - 6.17.*
Linux/Linux
6.18
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026