DEBIAN-CVE-2025-39706
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfd_process_destroy_wq. Move kfd_process_destroy_wq prior to kfd_debugfs_fini to fix a kernel NULL pointer problem. It happens when /sys/kernel/debug/kfd was already destroyed in kfd_debugfs_fini but kfd_process_destroy_wq calls kfd_debugfs_remove_process. This line debugfs_remove_recursive(entry->proc_dentry); tries to remove /sys/kernel/debug/kfd/proc/<pid> while /sys/kernel/debug/kfd is already gone. It hangs the kernel by kernel NULL pointer. (cherry picked from commit 0333052d90683d88531558dcfdbf2525cc37c233)
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:13 | linux | 6.12.38-1, 6.12.41-1, 6.12.43-1 |
| Debian:14 | linux | 6.12.43-1, 6.12.48-1, 6.12.57-1 |
| Debian:12 | linux | 6.1.128-1, 6.1.85-1, 6.1.90-1~bpo11+1 |
| Debian:11 | linux-6.1 | *, 6.1.106-3~deb11u1, 6.1.106-3~deb11u2 |
| Debian:11 | linux | 6.12.20-1, 6.12.43-1, 6.12.22-1 |
Timeline
- Sep 5, 2025 CVE Published
- Apr 28, 2026 CVE Updated