CVE-2025-21842

March 7, 2025, 9:15 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: amdkfd: properly free gang_ctx_bo when failed to init user queue The destructor of a gtt bo is declared as void amdgpu_amdkfd_free_gtt_mem(struct amdgpu_device *adev, void **mem_obj); Which takes void** as the second parameter. GCC allows passing void* to the function because void* can be implicitly casted to any other types, so it can pass compiling. However, passing this void* parameter into the function's execution process(which expects void** and dereferencing void**) will result in errors.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/091a68c58c1bbd2ab7d05d1b32c1306394ec691d
https://git.kernel.org/stable/c/a33f7f9660705fb2ecf3467b2c48965564f392ce
https://git.kernel.org/stable/c/ae5ab1c1ae504f622cc1ff48830a9ed48428146d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-03-07
CVE-2025-21842

Timeline

Published: March 7, 2025, 9:15 a.m.
Last Modified: March 7, 2025, 9:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.