CVE-2025-38104
📋 TL;DR
This CVE describes a priority inversion vulnerability in the Linux kernel's AMD GPU driver (amdgpu) when using Single Root I/O Virtualization (SRIOV). The issue occurs when a low-priority thread holds a mutex needed by a high-priority thread during RLCG register access, potentially causing system instability or denial of service. This affects Linux systems with AMD GPUs using SRIOV virtualization.
💻 Affected Systems
- Linux kernel with AMD GPU driver (amdgpu)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System instability, kernel panic, or denial of service due to priority inversion deadlocks in the GPU driver, potentially affecting all virtual functions using the GPU.
Likely Case
Performance degradation, GPU operation failures, or system hangs when multiple virtual functions attempt concurrent GPU register access under SRIOV.
If Mitigated
Minor performance impact during GPU operations with proper locking mechanisms in place.
🎯 Exploit Status
Exploitation requires local access to trigger the race condition. No known public exploits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits: 07ed75bfa7ede8bfcfa303fd6efc85db1c8684c7, 1c0378830e42c98acd69e0289882c8637d92f285, 5c1741a0c176ae11675a64cb7f2dd21d72db6b91, d1bda2ab0cf956a16dd369a473a6c43dfbed5855, dc0297f3198bd60108ccbd167ee5d9fa4af31ed0
Vendor Advisory: https://git.kernel.org/stable/c/07ed75bfa7ede8bfcfa303fd6efc85db1c8684c7
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits
2. Rebuild kernel if compiling from source
3. Reboot system to load new kernel
🔧 Temporary Workarounds
Disable SRIOV for AMD GPUs
linuxTemporarily disable Single Root I/O Virtualization feature for AMD GPUs to avoid the vulnerable code path.
echo 0 > /sys/class/drm/card0/device/sriov_numvfs
Replace card0 with appropriate GPU device
🧯 If You Can't Patch
- Avoid concurrent GPU-intensive operations across multiple virtual functions
- Monitor system logs for 'Invalid wait context' or priority inversion warnings
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if amdgpu driver is loaded with SRIOV support: lsmod | grep amdgpu && cat /sys/module/amdgpu/versionCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits: grep -r '07ed75bfa7ede8bfcfa303fd6efc85db1c8684c7' /lib/modules/$(uname -r)/📡 Detection & Monitoring
Log Indicators:
- Kernel logs showing 'BUG: Invalid wait context'
- Messages containing 'amdgpu_virt_rlcg_reg_rw' or 'priority inversion'
- System hangs or GPU operation failures in dmesg
Network Indicators:
- None - this is a local kernel/driver issue
SIEM Query:
source="kernel" AND ("Invalid wait context" OR "priority inversion" OR "amdgpu_virt_rlcg")🔗 References
- https://git.kernel.org/stable/c/07ed75bfa7ede8bfcfa303fd6efc85db1c8684c7
- https://git.kernel.org/stable/c/1c0378830e42c98acd69e0289882c8637d92f285
- https://git.kernel.org/stable/c/5c1741a0c176ae11675a64cb7f2dd21d72db6b91
- https://git.kernel.org/stable/c/d1bda2ab0cf956a16dd369a473a6c43dfbed5855
- https://git.kernel.org/stable/c/dc0297f3198bd60108ccbd167ee5d9fa4af31ed0
- https://git.kernel.org/stable/c/dd450b513718dfeb4c637c9335d51a55ebcd4320
