-
CVE-2025-38596
- EPSS 0.03%
- Published 19.08.2025 17:15:37
- Last modified 20.08.2025 14:40:17
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code The object is potentially already gone after the drm_gem_object_put(). In general the object should be fully constructed before calling drm_gem_handle_create(), except the debugfs tracking uses a separate lock and list and separate flag to denotate whether the object is actually initialized. Since I'm touching this all anyway simplify this by only adding the object to the debugfs when it's ready for that, which allows us to delete that separate flag. panthor_gem_debugfs_bo_rm() already checks whether we've actually been added to the list or this is some error path cleanup. v2: Fix build issues for !CONFIG_DEBUGFS (Adrián) v3: Add linebreak and remove outdated comment (Liviu)
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
5f2be12442db6a2904e6e31b0e3b5ad5aebf868b
Version
a3707f53eb3f4f3e7a30d720be0885f813d649bb
Status
affected
Version <
fe69a391808404977b1f002a6e7447de3de7a88e
Version
a3707f53eb3f4f3e7a30d720be0885f813d649bb
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
6.16
Status
affected
Version <
6.16
Version
0
Status
unaffected
Version <=
6.16.*
Version
6.16.1
Status
unaffected
Version <=
*
Version
6.17-rc1
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.058 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|