Vulnerability DatabaseCVE-2025-38598

CVE-2025-38598:
Linux Ubuntu vulnerability analysis and mitigation

Overview

CVE-2025-38598 is a use-after-free vulnerability discovered in the Linux kernel's AMD GPU driver (amdgpu). The vulnerability was disclosed on August 19, 2025, and specifically affects the amdgpuuserqsuspend function. This security issue impacts systems running the Linux kernel with AMD GPU drivers (NVD).

Technical details

The vulnerability manifests as a slab-use-after-free condition in the amdgpuuserqsuspend function, specifically at offset 0x51a/0x5a0. The issue involves a read operation of size 8 at address ffff88812eec8c58, which occurs during the AMD PCI device unplugging process. The bug was detected by the Kernel Address Sanitizer (KASAN) on a system running Linux kernel version 6.14.0+ (Debian Tracker).

Impact

The use-after-free vulnerability in the AMD GPU driver could potentially lead to system instability or crashes when unplugging AMD PCI devices. This affects systems using AMD graphics cards with the amdgpu driver, particularly during device suspension operations (NVD).

Mitigation and workarounds

The vulnerability has been fixed in various Linux distributions. Debian has addressed the issue in multiple releases: bullseye (5.10.237-1), bookworm (6.1.147-1), trixie (6.12.41-1), and forky/sid (6.16.3-1). Users are advised to update their systems to the patched versions (Debian Tracker).

Additional resources

Source: This report was generated using AI

Related Linux Ubuntu vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-40266	MEDIUM	6.5	Linux Debian	linux-aws-fips	No	No	Dec 04, 2025
CVE-2025-40264	MEDIUM	5.5	Linux Kernel	kernel-64k-modules-extra	No	No	Dec 04, 2025
CVE-2025-40263	MEDIUM	5.1	Linux Debian	linux	No	No	Dec 04, 2025
CVE-2025-66270	MEDIUM	4.7	Linux Debian	gnome-shell-extension-gsconnect	No	Yes	Dec 05, 2025
CVE-2025-40265	N/A	N/A	Linux Debian	linux	No	No	Dec 04, 2025