Vulnerability in Linux Kernel Related to AMD GPU VRAM Attributes
CVE-2025-40289

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 December 2025

What is CVE-2025-40289?

A significant vulnerability has been identified within the Linux kernel that impacts AMD graphics processing units (GPUs). Specifically, the issue arises from VRAM sysfs attributes being accessible on GPUs that do not have VRAM. This misconfiguration can lead to system crashes when these attributes are accessed. The vulnerability highlights the importance of proper access control measures to prevent erroneous system behavior and maintain operational stability for systems utilizing AMD GPUs.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 39a1c8c860e32d775f29917939e87b6a7c08ebb1

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 33cc891b56b93cad1a83263eaf2e417436f70c82

References

https://git.kernel.org/stable/c/39a1c8c860e32d775f2991793...

https://git.kernel.org/stable/c/a67a9f99ce1306898d7129a19...

https://git.kernel.org/stable/c/33cc891b56b93cad1a83263ea...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 6, 2025
Vulnerability Reserved
Apr 16, 2025

JSON