CVE-2025-40191

Published: Nov 12, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd process ref leaking when userptr unmapping kfd_lookup_process_by_pid hold the kfd process reference to ensure it doesn't get destroyed while sending the segfault event to user space. Calling kfd_lookup_process_by_pid as function parameter leaks the kfd process refcount and miss the NULL pointer check if app process is already destroyed.

Vendor	Product	Versions
Linux	Linux	affected `2d274bf7099bc5e95fabaa93f23d0eb2977187ad - < 60f6112fc9b3ba0eae519f10702c0c13bab45742` affected `2d274bf7099bc5e95fabaa93f23d0eb2977187ad - < 58e6fc2fb94f0f409447e5d46cf6a417b6397fbc`
Linux	Linux	affected `6.16` unaffected `0 - < 6.16` unaffected `6.17.4 - <= 6.17.` unaffected `6.18 - <= `

References

https://git.kernel.org/stable/c/60f6112fc9b3ba0eae519f10702c0c13bab45742

https://git.kernel.org/stable/c/58e6fc2fb94f0f409447e5d46cf6a417b6397fbc

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40191

Description

Affected Products

References