-
CVE-2025-38673
- EPSS 0.03%
- Veröffentlicht 22.08.2025 16:03:03
- Zuletzt bearbeitet 22.08.2025 18:08:51
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance"
This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065.
The dma_buf field in struct drm_gem_object is not stable over the
object instance's lifetime. The field becomes NULL when user space
releases the final GEM handle on the buffer object. This resulted
in a NULL-pointer deref.
Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on
GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer:
Acquire internal references on GEM handles") only solved the problem
partially. They especially don't work for buffer objects without a DRM
framebuffer associated.
Hence, this revert to going back to using .import_attach->dmabuf.
v3:
- cc stableVerknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
e31f5a1c2cd38bf977736cdfa79444e19d4005ec
Version
cce16fcd7446dcff7480cd9d2b6417075ed81065
Status
affected
Version <
2712ca878b688682ac2ce02aefc413fc76019cd9
Version
cce16fcd7446dcff7480cd9d2b6417075ed81065
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.15
Status
affected
Version <
6.15
Version
0
Status
unaffected
Version <=
6.15.*
Version
6.15.9
Status
unaffected
Version <=
*
Version
6.16
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.057 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|