CVE-2025-71294 - Vulnerability Details

- drm/amdgpu: fix NULL pointer issue buffer funcs

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix NULL pointer issue buffer funcs

If SDMA block not enabled, buffer_funcs will not initialize,
fix the null pointer issue if buffer_funcs not initialized.

Published: 2026-05-06

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

A null pointer dereference occurs in the AMDGPU DRM driver when the SDMA block is disabled and buffer functions are not initialized. This fault can trigger a kernel panic, resulting in a system reboot and loss of availability. The flaw originates from a use of an uninitialized pointer and corresponds to CWE‑476.

Affected Systems

All releases of the Linux kernel that incorporate the AMDGPU DRM driver are potentially affected, regardless of distribution. The specific kernel versions are not listed, so any build preceding the patch that contains this code path should be considered vulnerable.

Risk and Exploitability

The EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog, indicating no known active exploitation. Based on the description, it is inferred that the attack vector requires local privileged access, such as sending crafted commands to the AMDGPU device or exploiting a privileged application. If an attacker gains such access, the kernel panic can be triggered, leading to a denial of service.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 29fd416e0e08aa6d5a97fd313749d08d83de0826
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 276028fd9b60bbcc68796d1124b6b58298f4ca8a
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 3e849a93bff40f0c88a8aafba062b1de0ec2797b
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 9877a865d62c9c3e0f4cc369dc9ca9f7f24f5ee9

Linux

affected

Version	Status	Constraints
`6.12.75`	unaffected	≤ 6.12.*
`6.18.16`	unaffected	≤ 6.18.*
`6.19.6`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,29fd416e0e08aa6d5a97fd313749d08d83de0826)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,276028fd9b60bbcc68796d1124b6b58298f4ca8a)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,3e849a93bff40f0c88a8aafba062b1de0ec2797b)`	affected	code_commit	—
`[1da177e4c3f41524e886b7f1b8a0c1fc7321cac2,9877a865d62c9c3e0f4cc369dc9ca9f7f24f5ee9)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[6.12.75,6.13.0)`	unaffected	semver	—
`[6.18.16,6.19.0)`	unaffected	semver	—
`[6.19.6,6.20.0)`	unaffected	semver	—
`[7.0,*]`	unaffected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply a kernel update that includes the AMDGPU null-pointer fix
If an update is not immediately possible, disable the SDMA block in the kernel configuration (CONFIG_DRM_AMDGPU_SDMA=n) or unload the amdgpu module to avoid the uninitialized usage
Enable kernel hardening options, such as address space layout randomization and other relevant sysctl parameters, to reduce the impact of any remaining kernel panic conditions

Generated by OpenCVE AI on May 6, 2026 at 13:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/276028fd9b60bbcc68796d1124b6b58298f4ca8a
https://git.kernel.org/stable/c/29fd416e0e08aa6d5a97fd313749d08d83de0826
https://git.kernel.org/stable/c/3e849a93bff40f0c88a8aafba062b1de0ec2797b
https://git.kernel.org/stable/c/9877a865d62c9c3e0f4cc369dc9ca9f7f24f5ee9

History

Wed, 06 May 2026 12:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, buffer_funcs will not initialize, fix the null pointer issue if buffer_funcs not initialized.
Title		drm/amdgpu: fix NULL pointer issue buffer funcs
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/276028fd9b60bbcc68796d1124b6b58298f4ca8a https://git.kernel.org/stable/c/29fd416e0e08aa6d5a97fd313749d08d83de0826 https://git.kernel.org/stable/c/3e849a93bff40f0c88a8aafba062b1de0ec2797b https://git.kernel.org/stable/c/9877a865d62c9c3e0f4cc369dc9ca9f7f24f5ee9

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-06T11:32:25.247Z

Updated: 2026-05-06T11:32:25.247Z

Reserved: 2026-05-06T11:31:45.510Z

Link: CVE-2025-71294

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-06T12:16:28.707

Modified: 2026-05-06T13:07:51.607

Link: CVE-2025-71294

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-06T14:00:06Z

Weaknesses

No weakness.

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object