logo_clicknbuy.png

CVE-2025-21842 – AMD KFD Use-After-Free Buffer Overflow

The following table lists the changes that have been made to the
CVE-2025-21842 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Mar. 07, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    amdkfd: properly free gang_ctx_bo when failed to init user queue

    The destructor of a gtt bo is declared as
    void amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj);
    Which takes void** as the second parameter.

    GCC allows passing void* to the function because void* can be implicitly
    casted to any other types, so it can pass compiling.

    However, passing this void* parameter into the function’s
    execution process(which expects void** and dereferencing void**)
    will result in errors.
    Added Reference https://git.kernel.org/stable/c/091a68c58c1bbd2ab7d05d1b32c1306394ec691d
    Added Reference https://git.kernel.org/stable/c/a33f7f9660705fb2ecf3467b2c48965564f392ce
    Added Reference https://git.kernel.org/stable/c/ae5ab1c1ae504f622cc1ff48830a9ed48428146d
Share the Post:

Related Posts