Linux Kernel Vulnerability in DRM V3D Driver Impacting Device Stability
CVE-2025-21697

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 12 February 2025

Summary

In the Linux kernel, a vulnerability exists in the DRM V3D driver related to the handling of job pointers. Upon job completion, the driver fails to set the corresponding pointer to NULL, resulting in misleading warnings during driver unloading that suggest the job is still active. This oversight can lead to stability issues within the device, as improper job state management may cause unforeseen behavior or crashes. To enhance device reliability, it is essential to ensure that the job pointer is properly nullified following job completion.

Affected Version(s)

Linux 14d1d190869685d3a1e8a3f63924e20594557cb2 < 1bd6303d08c85072ce40ac01a767ab67195105bd

Linux 14d1d190869685d3a1e8a3f63924e20594557cb2

Linux 14d1d190869685d3a1e8a3f63924e20594557cb2 < 14e0a874488e79086340ba8e2d238cb9596b68a8

References

https://git.kernel.org/stable/c/1bd6303d08c85072ce40ac01a...

https://git.kernel.org/stable/c/a34050f70e7955a359874dff1...

https://git.kernel.org/stable/c/14e0a874488e79086340ba8e2...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Dec 29, 2024