CVE-2023-52825

drm/amdkfd: Fix a race condition of vram buffer unref in svm code

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix a race condition of vram buffer unref in svm code prange->svm_bo unref can happen in both mmu callback and a callback after migrate to system ram. Both are async call in different tasks. Sync svm_bo unref operation to avoid random "use-after-free".

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/7d43cdd22cd81a2b079e864c4321b9aba4c6af34 patch
https://git.kernel.org/stable/c/50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e patch
https://git.kernel.org/stable/c/c772eacbd6d0845fc922af8716bb9d29ae27b8cf patch
https://git.kernel.org/stable/c/fc0210720127cc6302e6d6f3de48f49c3fcf5659 patch
https://git.kernel.org/stable/c/709c348261618da7ed89d6c303e2ceb9e453ba74 patch

Frequently Asked Questions

What is the severity of CVE-2023-52825?
CVE-2023-52825 has been scored as a medium severity vulnerability.
How to fix CVE-2023-52825?
To fix CVE-2023-52825, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52825 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52825 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52825?
CVE-2023-52825 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.