CVE-2025-40332 — Linux vulnerability

17 documents8 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 90.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedDec 9

Latest updateFeb 24

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svm_range_restore_pages calls mmap_read_unlock then returns. This causes deadlock and system hangs later because mmap read or write lock cannot be taken. Downgrade mmap write lock to read lock if draining retry fault fix this bug.

Affected Packages8 packages

▶Linuxlinux/linux_kernel6.13.0 — 6.17.8+1

▶Debianlinux/linux_kernel< 6.12.63-1+1

▶Ubuntulinux/linux_kernel< 6.17.0-14.14

▶msrcmsrc/azl3_kernel_6.6.117.1-1_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.119.3-1_on_azure_linux_3.0

🔴Vulnerability Details

OSV

linux-azure vulnerabilities↗2026-02-24

▶

OSV

linux-oem-6.17 vulnerabilities↗2026-02-17

▶

OSV

linux-aws, linux-oracle vulnerabilities↗2026-02-17

▶

OSV

linux-gcp vulnerabilities↗2026-02-12

▶

OSV

linux, linux-raspi, linux-realtime vulnerabilities↗2026-02-12

▶

📋Vendor Advisories

Ubuntu

Linux kernel (Azure) vulnerabilities↗2026-02-24

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2026-02-17

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2026-02-12

▶

Ubuntu

Linux kernel vulnerabilities↗2026-02-12

▶

Microsoft

drm/amdkfd: Fix mmap write lock not release↗2025-12-09

▶

🕵️Threat Intelligence

Wiz

CVE-2025-40332 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶