Linux Kernel Vulnerability Affecting Graphics Driver Management
CVE-2025-40166

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 November 2025

What is CVE-2025-40166?

A flaw exists within the Linux kernel that may impair the proper deregistration of the exec queue when the Graphics Engine Unit (GuC) is not running. In scenarios where the driver is unbound while the exec queue remains active, attempts to clear resources may fail due to inability to communicate with the GuC. This may lead to resource leaks and system instability. The issue has been addressed by ensuring that resources are directly released when the GuC is not operational, thus enhancing the overall stability and security of graphics driver management.

Affected Version(s)

Linux dd08ebf6c3525a7ea2186e636df064ea47281987 < 2c6e5904c5bdbac8e0eadee40f70c42bb83f6dc6

Linux dd08ebf6c3525a7ea2186e636df064ea47281987

Linux dd08ebf6c3525a7ea2186e636df064ea47281987 < 9f64b3cd051b825de0a2a9f145c8e003200cedd5

References

https://git.kernel.org/stable/c/2c6e5904c5bdbac8e0eadee40...

https://git.kernel.org/stable/c/fa708415566bbe5361c935645...

https://git.kernel.org/stable/c/9f64b3cd051b825de0a2a9f14...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Apr 16, 2025

JSON