Race Condition in Linux Kernel's DRM v3d Component Affecting Raspberry Pi Products
CVE-2025-21688

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 10 February 2025

Summary

A race condition exists in the DRM v3d component of the Linux kernel, where the job pointer is assigned NULL post-job completion. This can lead to a NULL pointer dereference if the IRQ execution thread signals the fence just as a new job starts executing, potentially causing the system to crash when the GPU interrupts. This vulnerability affects various Raspberry Pi models running the impacted Linux kernel versions.

Affected Version(s)

Linux 1bd6303d08c85072ce40ac01a767ab67195105bd < 9793206fbf5293534c3a79d78f196e2cbb48c22d

Linux a34050f70e7955a359874dff1a912a748724a140 < 1f66a3a1a516e4d545906916b3f3c8d1c5e909e6

Linux 14e0a874488e79086340ba8e2d238cb9596b68a8 < 6cfafcad46e95351c477da0ae7e3acb8f7550ada

References

https://git.kernel.org/stable/c/9793206fbf5293534c3a79d78...

https://git.kernel.org/stable/c/1f66a3a1a516e4d545906916b...

https://git.kernel.org/stable/c/6cfafcad46e95351c477da0ae...

Timeline

Vulnerability published
Feb 10, 2025
Vulnerability Reserved
Dec 29, 2024