{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-40336", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.186Z", "datePublished": "2025-12-09T04:09:52.845Z", "dateUpdated": "2025-12-09T04:09:52.845Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-09T04:09:52.845Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gpusvm: fix hmm_pfn_to_map_order() usage\n\nHandle the case where the hmm range partially covers a huge page (like\n2M), otherwise we can potentially end up doing something nasty like\nmapping memory which is outside the range, and maybe not even mapped by\nthe mm. Fix is based on the xe userptr code, which in a future patch\nwill directly use gpusvm, so needs alignment here.\n\nv2:\n - Add kernel-doc (Matt B)\n - s/fls/ilog2/ (Thomas)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gpusvm.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "08e9fd78ba1b9e95141181c69cc51795c9888157", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c50729c68aaf93611c855752b00e49ce1fdd1558", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/drm_gpusvm.c"], "versions": [{"version": "6.17.8", "lessThanOrEqual": "6.17.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.17.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.18"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/08e9fd78ba1b9e95141181c69cc51795c9888157"}, {"url": "https://git.kernel.org/stable/c/c50729c68aaf93611c855752b00e49ce1fdd1558"}], "title": "drm/gpusvm: fix hmm_pfn_to_map_order() usage", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gpusvm: fix hmm_pfn_to_map_order() usage\n\nHandle the case where the hmm range partially covers a huge page (like\n2M), otherwise we can potentially end up doing something nasty like\nmapping memory which is outside the range, and maybe not even mapped by\nthe mm. Fix is based on the xe userptr code, which in a future patch\nwill directly use gpusvm, so needs alignment here.\n\nv2:\n - Add kernel-doc (Matt B)\n - s/fls/ilog2/ (Thomas)"}], "id": "CVE-2025-40336", "lastModified": "2025-12-09T18:36:53.557", "metrics": {}, "published": "2025-12-09T16:17:43.820", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/08e9fd78ba1b9e95141181c69cc51795c9888157"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c50729c68aaf93611c855752b00e49ce1fdd1558"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/gpusvm: fix hmm_pfn_to_map_order() usage", "id": "2420416", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420416"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-40336", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-40336\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-40336\nhttps://lore.kernel.org/linux-cve-announce/2025120911-CVE-2025-40336-781e@gregkh/T"], "statement": "This vulnerability affects systems using GPU drivers that utilize the gpusvm subsystem for shared virtual memory between CPU and GPU. Exploitation requires local access and the ability to use GPU memory mapping features. The impact includes potential information disclosure or memory corruption.", "threat_severity": "Moderate"}

{}