Null Pointer Dereference in AMD GPU Driver for Linux Kernel
CVE-2025-71293

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 May 2026

What is CVE-2025-71293?

A vulnerability in the AMDGPU driver for the Linux kernel allows for a null pointer dereference. This occurs when the EEPROM contains invalid address entries, leading to a potential application crash. The issue manifests during bad page checks, resulting in an unstable state within kernel operations. By adjusting the allocation of Ras data prior to the bad page verification, this flaw has been addressed to prevent negative assignments and ensure reliable memory handling.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0b7f78caeffa51a1afa521c284e863ec3b5a36df

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5c685235b60459381e959109b416a63db4d8dbac

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/0b7f78caeffa51a1afa521c28...

https://git.kernel.org/stable/c/5c685235b60459381e959109b...

https://git.kernel.org/stable/c/bd68a1404b6fa2e7e9957b38b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
May 6, 2026

CVE-2025-71293 Data

JSON