Input Validation Flaw in Linux Kernel's AMDGPU Component
CVE-2025-40335

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-40335?

This vulnerability pertains to the AMDGPU component of the Linux kernel, where there is an issue with the validation of user input parameters in userq requests. An improper validation process can lead to the acceptance of invalid commands, potentially compromising system integrity during IOCTL (Input/output control) operations. The resolution improves the validation mechanism for userq input arguments, ensuring that only valid requests are processed, thus enhancing overall security.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 219be4711a1ba788bc2a9fafc117139d133e5fea

Linux 6.17.8 <= 6.17.*

References

https://git.kernel.org/stable/c/bdaa7ad3a5bb606d7dbd5c862...

https://git.kernel.org/stable/c/219be4711a1ba788bc2a9fafc...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Apr 16, 2025

JSON