CVE-2025-71314
Kernel Memory Subsystem Hang Recovery in Panthor GPU Driver
Publication date: 2026-06-03
Last updated on: 2026-06-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's drm/panthor component, specifically related to the panthor_gpu_flush_caches() function. In some cases, the entire memory subsystem can become blocked because flush operations never complete. This causes the system to hang during these operations.
To address this, the fix schedules a reset to recover from the hang situation. During the reset, pending requests are reset so new commands can be sent afterward. If additional panthor_gpu_flush_caches() operations are queued after a timeout, they are skipped and an error (-EIO) is returned immediately to avoid unnecessary waiting.
The fix also removes WARN_ON() warnings because these hangs can be triggered by buggy GPU jobs created by the user-mode driver (UMD), which cannot be prevented. However, error messages are still kept for diagnostics.
How can this vulnerability impact me? :
This vulnerability can cause the memory subsystem in affected Linux systems to become blocked, leading to system hangs during GPU cache flush operations. This can disrupt normal system operation and potentially cause application or system instability.
The implemented fix helps recover from these hangs by resetting the system state and avoiding indefinite waits, but if the issue occurs frequently, it could still impact system performance and reliability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability relates to the Linux kernel's drm/panthor component where panthor_gpu_flush_caches() operations may hang, causing the memory subsystem to block. Detection would involve monitoring for error messages related to panthor_gpu_flush_caches() failures and observing if the system experiences memory subsystem hangs or GPU flush cache timeouts.
Since the vulnerability manifests as blocked memory subsystem and flush operations that never complete, you can check kernel logs for error messages related to panthor_gpu_flush_caches() failures.
Suggested commands to detect this issue include:
- Use dmesg or journalctl to check kernel logs for error messages related to panthor_gpu_flush_caches(): - dmesg | grep panthor_gpu_flush_caches - journalctl -k | grep panthor_gpu_flush_caches
- Monitor system responsiveness and GPU-related processes for hangs or timeouts.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability has been resolved by implementing a recovery mechanism in the Linux kernel's drm/panthor driver. Immediate mitigation steps include:
- Update your Linux kernel to a version that includes the fix for this vulnerability, which recovers from panthor_gpu_flush_caches() failures by scheduling a reset and handling queued flush operations properly.
- Monitor kernel logs for related error messages to detect if the issue occurs before updating.
- Avoid running buggy GPU jobs from user-mode drivers (UMD) that may trigger this issue.