Detections
Analytics

CVE-2025-21940

medium

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfd_queue_acquire_buffers. (cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530)

References

https://git.kernel.org/stable/c/fd617ea3b79d2116d53f76cdb5a3601c0ba6e42f

https://git.kernel.org/stable/c/c3cbeafb4e0001d9146df50b470885e02664f3c7

https://git.kernel.org/stable/c/33eb8041c5d6c19d46e7bfd23a031844336afd80

Details

Source: Mitre, NVD

Published: 2025-04-01

Updated: 2025-04-10

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00017