Main Vulnerability Database SB2025050492

SB2025050492 - Improper resource shutdown or release in Linux kernel amd amdgpu driver

Published: May 4, 2025 Updated: May 10, 2025

Security Bulletin ID SB2025050492

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper resource shutdown or release (CVE-ID: CVE-2023-53036)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to failure to properly release resources within the amdgpu_bo_release_notify() function in drivers/gpu/drm/amd/amdgpu/amdgpu_object.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/93bb18d2a873d2fa9625c8ea927723660a868b95
https://git.kernel.org/stable/c/9a02dae3bbfe2df8e1c81e61a08695709e9588f9
https://git.kernel.org/stable/c/f06b902511ea05526f405ee64da54a8313d91831
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.22