CVE-2025-38011
📋 TL;DR
A memory leak vulnerability in the Linux kernel's AMD GPU driver occurs when a process exits while unmapping CSA (Command Submission Accelerator) memory. The issue allows interrupted lock acquisition during cleanup, causing GPU virtual memory resources to not be properly freed. This affects Linux systems with AMD graphics hardware using the amdgpu kernel driver.
💻 Affected Systems
- Linux kernel with amdgpu driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, system instability, or denial of service through resource depletion.
Likely Case
Memory leak gradually consumes kernel resources, potentially causing system slowdowns, application crashes, or requiring system reboots.
If Mitigated
With proper patching, the memory leak is prevented and normal cleanup occurs during process termination.
🎯 Exploit Status
Exploitation requires local access and ability to trigger process exits with GPU operations. The vulnerability is in cleanup code path during process termination.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commit 7dbbfb3c171a6f63b01165958629c9c26abf38ab or later stable backports
Vendor Advisory: https://git.kernel.org/stable/c/8d2979b9bb1be0f4a52dff600e56d780403e04ac
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commit. 2. For distributions: Use package manager to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Restrict GPU access
linuxLimit which users or processes can access GPU devices to reduce attack surface
chmod 600 /dev/dri/renderD*
chmod 600 /dev/dri/card*
🧯 If You Can't Patch
- Monitor system memory usage and kernel logs for memory leak warnings
- Implement regular system reboots to clear accumulated leaked memory
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if amdgpu module is loaded: uname -r && lsmod | grep amdgpuCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commit: grep -q '7dbbfb3c171a6f63b01165958629c9c26abf38ab' /proc/version || echo 'Check kernel git history'📡 Detection & Monitoring
Log Indicators:
- Kernel warnings about amdgpu memory leaks
- dmesg entries with 'WARNING: CPU:' and 'amdgpu_driver_postclose_kms'
- Increasing kernel memory usage over time
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
source="kernel" AND "WARNING" AND "amdgpu" AND "memory"