CVE-2025-71314
Analyzed Analyzed - Analysis Complete
Kernel Memory Subsystem Hang Recovery in Panthor GPU Driver

Publication date: 2026-06-03

Last updated on: 2026-06-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthor_gpu_flush_caches() failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recover from this situation - in the reset path, we need to reset the pending_reqs so we can send new commands after the reset - if more panthor_gpu_flush_caches() operations are queued after the timeout, we skip them and return -EIO directly to avoid needless waits (the memory block won't miraculously work again) Note that we drop the WARN_ON()s because these hangs can be triggered with buggy GPU jobs created by the UMD, and there's no way we can prevent it. We do keep the error messages though. v2: - New patch v3: - Collect R-b - Explicitly mention the fact we dropped the WARN_ON()s in the commit message v4: - No changes
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-03
Last Modified
2026-06-09
Generated
2026-06-24
AI Q&A
2026-06-03
EPSS Evaluated
2026-06-22
NVD
CVE-2025-71314
EUVD
EUVD-2025-210057
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.13 (inc) to 6.18.14 (exc)
linux linux_kernel From 6.19 (inc) to 6.19.4 (exc)
linux linux_kernel From 6.10 (inc) to 6.12.75 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's drm/panthor component, specifically related to the panthor_gpu_flush_caches() function. In some cases, the entire memory subsystem can become blocked because flush operations never complete. This causes the system to hang during these operations.

To address this, the fix schedules a reset to recover from the hang situation. During the reset, pending requests are reset so new commands can be sent afterward. If additional panthor_gpu_flush_caches() operations are queued after a timeout, they are skipped and an error (-EIO) is returned immediately to avoid unnecessary waiting.

The fix also removes WARN_ON() warnings because these hangs can be triggered by buggy GPU jobs created by the user-mode driver (UMD), which cannot be prevented. However, error messages are still kept for diagnostics.

Impact Analysis

This vulnerability can cause the memory subsystem in affected Linux systems to become blocked, leading to system hangs during GPU cache flush operations. This can disrupt normal system operation and potentially cause application or system instability.

The implemented fix helps recover from these hangs by resetting the system state and avoiding indefinite waits, but if the issue occurs frequently, it could still impact system performance and reliability.

Detection Guidance

This vulnerability relates to the Linux kernel's drm/panthor component where panthor_gpu_flush_caches() operations may hang, causing the memory subsystem to block. Detection would involve monitoring for error messages related to panthor_gpu_flush_caches() failures and observing if the system experiences memory subsystem hangs or GPU flush cache timeouts.

Since the vulnerability manifests as blocked memory subsystem and flush operations that never complete, you can check kernel logs for error messages related to panthor_gpu_flush_caches() failures.

Suggested commands to detect this issue include:

  • Use dmesg or journalctl to check kernel logs for error messages related to panthor_gpu_flush_caches(): - dmesg | grep panthor_gpu_flush_caches - journalctl -k | grep panthor_gpu_flush_caches
  • Monitor system responsiveness and GPU-related processes for hangs or timeouts.
Mitigation Strategies

The vulnerability has been resolved by implementing a recovery mechanism in the Linux kernel's drm/panthor driver. Immediate mitigation steps include:

  • Update your Linux kernel to a version that includes the fix for this vulnerability, which recovers from panthor_gpu_flush_caches() failures by scheduling a reset and handling queued flush operations properly.
  • Monitor kernel logs for related error messages to detect if the issue occurs before updating.
  • Avoid running buggy GPU jobs from user-mode drivers (UMD) that may trigger this issue.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71314. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart