Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-38011
CVE-2025-38011:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2025-38011 was disclosed on June 18, 2025, affecting the Linux kernel's AMD GPU driver component. The vulnerability is related to the drm/amdgpu component, specifically involving the csa unmap functionality using an uninterruptible lock (NVD, Wiz).
Technical details
The vulnerability occurs after process exit when attempting to unmap csa and free GPU vm. If a signal is accepted while waiting to take the vm lock, and the operation is interrupted and returns, it results in memory leaking and generates warning backtrace messages. The issue specifically manifests in the amdgpudriverpostclose_kms function (NVD, Wiz).
Impact
The primary impact of this vulnerability is memory leakage in the Linux kernel's AMD GPU driver component, which could potentially lead to system resource exhaustion (Wiz).
Mitigation and workarounds
The issue has been resolved by changing to use an uninterruptible wait lock. The fix has been implemented through a patch that modifies the lock behavior in the affected component (Wiz).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management