This vulnerability is a reference leak in the Linux kernel’s AMDGPU driver. A failure to drop references to a syncobj and a timeline fence when an amdgpu_userq_wait_ioctl request aborts because the supplied output array is too small means these objects are never freed. The leak causes kernel memory to be consumed over time, potentially exhausting resources and allowing a local user to disrupt system stability with a denial‑of‑service.

Vendors listed under the CNA entry are Linux for the Linux kernel. The issue is present in any kernel build that contains the unpatched amdgpu driver, prior to incorporating commit 68951e9c3e6bb22396bc42ef2359751c8315dd27. Specific version information is not supplied by the CNA, so users should verify that their kernel version reflects that commit or newer.

Because the flaw is triggered by a user‑space ioctl, the attack is local. The CVSS score is not presented; exploitation probability is unknown because EPSS is not available and the vulnerability is not listed in KEV. If an attacker can repeatedly invoke the ioctl with an improperly sized output buffer, they can induce a growing leak of kernel objects, increasing system load and eventually leading to denial of service. The impact is limited to systems running affected kernels and is not apparent from a network perspective. Based on the description, the likely attack vector is a local user executing the amdgpu_userq_wait_ioctl ioctl with an incorrectly sized buffer.