CVE-2023-52825: drm/amdkfd: Fix a race condition of vram buffer unref in svm code
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Fix a race condition of vram buffer unref in svm code
prange->svm_bo unref can happen in both mmu callback and a callback after
migrate to system ram. Both are async call in different tasks. Sync svm_bo
unref operation to avoid random "use-after-free".
Security readout for executives and security teams
Plain-English summary
This is a Linux kernel race condition in AMD GPU memory-management code. A local, low-privileged user could cause a use-after-free condition that affects system availability. The public sources do not show data theft, privilege escalation, or active exploitation.
Executive priority
Treat this as a moderate availability risk. It is not presented as remotely exploitable or actively exploited, but kernel defects can cause operational disruption on shared Linux or GPU compute systems. Patch during the next normal kernel maintenance cycle unless affected hosts are high-availability or multi-tenant.
Technical view
CVE-2023-52825 is a CWE-362 race in drm/amdkfd SVM handling. Asynchronous callbacks can both unreference prange->svm_bo, producing a random use-after-free. CVSS 3.1 is 5.5 with local access, low complexity, low privileges, no user interaction, and high availability impact only.
Likely exposure
Exposure is most relevant to Linux systems running affected kernel versions and using AMDGPU KFD/SVM paths, such as GPU compute or AMD graphics workloads. Systems without the affected kernel code path are less likely exposed, but kernel package mapping should come from the distributor.
Exploitation context
The bundle marks KEV as false and provides no cited evidence of active exploitation. The CVSS vector indicates exploitation requires local access and low privileges. Expected impact is denial of service or instability rather than confidentiality or integrity compromise.
Researcher notes
The core issue is unsynchronized svm_bo unreference across asynchronous MMU and migration callbacks. The fix synchronizes the unref path to avoid random use-after-free. Public evidence is limited to the CVE record and Linux stable commits; no exploit details or active exploitation indicators are provided.
Mitigation direction
Apply the relevant Linux stable kernel fix or distributor kernel update.
Prioritize multi-user systems with AMD GPU or GPU compute workloads.
Check vendor or distribution advisories for exact package-to-kernel mapping.
Restrict unnecessary local shell access until patched.
Schedule reboot where required for kernel updates to take effect.
Validation and detection
Inventory running Linux kernel versions against distributor advisories.
Confirm updated kernels include the relevant stable fix commit.
Identify hosts using AMDGPU KFD or SVM-related workloads.
Review crash or kernel logs for unexplained AMDGPU/KFD instability.
Verify post-update systems are running the patched kernel.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-362: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-362 · source CWE mapping
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.