CVE-2023-52825

5.5 MEDIUM

📋 TL;DR

This CVE describes a race condition in the Linux kernel's AMD GPU driver (drm/amdkfd) that can lead to a use-after-free vulnerability in shared virtual memory (SVM) code. The vulnerability occurs when VRAM buffer reference counting happens asynchronously in different tasks, potentially causing memory corruption. Systems using AMD GPUs with the affected kernel driver are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with AMD GPU driver (drm/amdkfd)
Versions: Linux kernel versions containing the vulnerable code (specific versions not provided in CVE description)
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires AMD GPU hardware and the amdkfd driver to be loaded and in use.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic, system crash, or potential privilege escalation leading to full system compromise.
🟠 Likely Case: System instability, crashes, or denial of service affecting GPU functionality.
🟢 If Mitigated: Minimal impact with proper kernel hardening and isolation of GPU workloads.

🌐 Internet-Facing: LOW - Requires local access and specific GPU operations.
🏢 Internal Only: MEDIUM - Local users or processes with GPU access could trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH - Requires race condition triggering and kernel memory manipulation.

Exploitation requires local access and ability to perform specific GPU operations that trigger the race condition.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in kernel commits referenced in CVE description

Vendor Advisory: https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing fixes.
2. Reboot system.
3. Verify amdkfd module loads correctly.

🔧 Temporary Workarounds

Disable AMD GPU SVM feature

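Prevent use of the shared virtual memory feature that triggers the vulnerability. Run the commands as root. Confirm with modinfo that the amdgpu module on your kernel lists this svm parameter before relying on the workaround: the kernel ignores a module option it does not recognise, and SVM would stay enabled. update-initramfs is the Debian/Ubuntu tool; use your distribution's equivalent elsewhere.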

echo 'options amdgpu svm=0' > /etc/modprobe.d/amdgpu-disable-svm.conf
update-initramfs -u
reboot

Unload amdkfd module

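Remove the vulnerable kernel module if AMD GPU features are not required. This applies only where amdkfd is a separate loadable module; on kernels that build amdkfd into the amdgpu module there is no amdkfd module to unload or blacklist.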

rmmod amdkfd
echo 'blacklist amdkfd' > /etc/modprobe.d/blacklist-amdkfd.conf

🧯 If You Can't Patch

  • Restrict local user access to systems with AMD GPUs
  • Implement strict process isolation and limit GPU workload scheduling

🔍 How to Verify

Check if Vulnerable:

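Check if amdkfd module is loaded: lsmod | grep amdkfd

An empty result does not rule out exposure on kernels that build amdkfd into the amdgpu module; check whether amdgpu is loaded as well.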

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits or verify amdkfd module version after update

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • GPU driver crash logs
  • System instability reports

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("amdkfd" OR "use-after-free" OR "kernel panic")
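
The query above matches any kernel line that mentions amdkfd, so routine driver messages will match it. The following is an added example (not from the advisory or the kernel project) that reports a crash marker only when amdgpu/amdkfd context follows it within a window of log lines. The function name kfd_crash_hits, the WINDOW variable and the sample log are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the advisory. Reads kernel log text on stdin and
# reports crash markers only when AMD GPU driver context follows them.
# WINDOW (trace lines inspected after a marker) is an assumed tunable.

kfd_crash_hits() {
    awk -v window="${WINDOW:-40}" '
    # Markers the kernel prints for KASAN reports, oopses and panics.
    /BUG: KASAN: (slab-)?use-after-free|BUG: unable to handle|BUG: kernel NULL pointer|general protection fault|Oops:|Kernel panic/ {
        if (left == 0) { marker = $0; reported = 0 }  # start of a new report
        left = window                                 # (re)arm the window
    }
    # Inside the window, driver involvement shows up as an amdgpu/amdkfd
    # mention, typically the [amdgpu] module tag on a stack frame.
    left > 0 {
        if (!reported && tolower($0) ~ /amdgpu|amdkfd/) {
            print "HIT: " marker
            print "     context: " $0
            reported = 1; hits++
        }
        left--
    }
    END { exit (hits > 0 ? 0 : 1) }   # exit 0 only when something matched
    '
}

# Constructed sample log (not captured from a real system).
SAMPLE_LOG='[   12.300000] amdgpu 0000:03:00.0: constructed informational line
[  101.000001] BUG: KASAN: slab-use-after-free in example_fn+0x1a/0x40
[  101.000002] Call Trace:
[  101.000003]  example_caller+0x22/0x90 [amdgpu]
[  101.000004]  example_worker+0x10/0x30'

printf '%s\n' "$SAMPLE_LOG" | kfd_crash_hits
```

Feed it kernel log text, for example the output of dmesg or journalctl -k. The informational amdgpu line at the top of the sample is not reported because no crash marker precedes it.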
