Vulnerability in Linux Kernel Affecting AMD GPU Drivers
CVE-2025-40334

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-40334?

A vulnerability exists in the Linux kernel related to the AMD GPU drivers, specifically in the handling of the userq object. This flaw involves inadequate validation of the userq buffer's virtual address and size. If unaddressed, it may allow unauthorized access to memory regions, leading to potential data breaches or system instability. It is essential for users of affected Linux kernel versions to apply the necessary patches as per the kernel updates to mitigate these risks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5a577de86c4a1c67ca405571d6ef84e65c6897d1

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9e46b8bb0539d7bc9a9e7b3072fa4f6082490392

Linux 6.17.8 <= 6.17.*

References

https://git.kernel.org/stable/c/5a577de86c4a1c67ca405571d...

https://git.kernel.org/stable/c/9e46b8bb0539d7bc9a9e7b307...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Apr 16, 2025

JSON