Volerion logoVolerion
Volerion logoVolerion

Linux Kernel KFD Process Reference Leak Vulnerability

Vulnerability

A vulnerability in the Linux kernel's AMD GPU driver (AMDKFD) has been addressed, which involved a leak of process references when user pointer memory was unmapped. The issue arose because the function 'kfd_lookup_process_by_pid' was called as a parameter, leading to a reference count leak and a missed null pointer check if the application process had already been destroyed. This vulnerability could potentially disrupt the proper handling of segmentation fault events sent to user space, by allowing references to destroyed processes to be improperly managed.

Impact

The vulnerability could lead to a reference count leak of the KFD process, causing improper management of process references and potentially allowing for use-after-free conditions.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Nov 12, 2025, 10:43 PM
Updated: Nov 12, 2025, 10:43 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.0
remediation
7.7
relevance
1.1
threat
3.2
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.