Primary

Context

Linux Kernel AMDGPU Double Free Vulnerability Leading to NULL Pointer Dereference

Vulnerability

Patched

A vulnerability in the Linux kernel's AMDGPU driver can cause a double free error, leading to a NULL pointer dereference. This issue arises when command submission fails due to user pointer invalidation. The legacy code attempts to clean up the scheduler job, but this is unnecessary because a previous commit already integrated the job cleanup into the 'amdgpu_job_free' function. The redundant cleanup can cause a double free situation, which in turn leads to a NULL pointer dereference.

Impact

Exploitation of this vulnerability causes a NULL pointer dereference, which can lead to a system crash or instability.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux Kernel Archives.

Added: Sep 15, 2025, 5:34 PM

Updated: Sep 15, 2025, 5:34 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel AMDGPU Double Free Vulnerability Leading to NULL Pointer Dereference

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating