Bug 2420425 (CVE-2025-40332)

Summary: CVE-2025-40332 kernel: drm/amdkfd: Fix mmap write lock not release
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-12-09 05:02:34 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Fix mmap write lock not release

If mmap write lock is taken while draining retry fault, mmap write lock
is not released because svm_range_restore_pages calls mmap_read_unlock
then returns. This causes deadlock and system hangs later because mmap
read or write lock cannot be taken.

Downgrade mmap write lock to read lock if draining retry fault fix this
bug.
Comment 1 Alexander B 2025-12-09 12:36:22 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025120910-CVE-2025-40332-7e62@gregkh/T