Memory Allocation Vulnerability in Linux Kernel AMD GPU Driver
CVE-2025-38426

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38426?

A vulnerability in the Linux kernel's AMD GPU driver pertains to insufficient validation of the RAS header read from EEPROM. If the RAS header is corrupted, it may lead to excessive memory allocations when attempting to read the records, potentially resulting in system instability and performance issues. Mitigating this risk requires improved validation mechanisms in the header fields to prevent undesirable memory behavior.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5df0d6addb7e9b6f71f7162d1253762a5be9138e

Linux 6.15.4 <= 6.15.*

References

https://git.kernel.org/stable/c/b52f52bc5ba9feb026c0be600...

https://git.kernel.org/stable/c/5df0d6addb7e9b6f71f7162d1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025