Memory Mapping Issue in Linux Kernel Affecting GPU Functionality
CVE-2025-40336

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-40336?

A vulnerability in the Linux kernel related to dubious handling of memory mappings within the drm/gpusvm subsystem has been identified and resolved. Specifically, the function hmm_pfn_to_map_order() did not correctly handle scenarios where the memory range partially overlapped with huge pages, potentially leading to mapping of memory outside of the intended range. This flaw could compromise the integrity of GPU operations, posing a security risk. The fix ensures proper alignment and safeguards against unintended memory access, enhancing the overall security posture of users leveraging the Linux kernel for graphics processing tasks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 08e9fd78ba1b9e95141181c69cc51795c9888157

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 6.17.8 <= 6.17.*

References

https://git.kernel.org/stable/c/08e9fd78ba1b9e95141181c69...

https://git.kernel.org/stable/c/c50729c68aaf93611c855752b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Apr 16, 2025

JSON