Use-After-Free Vulnerability in Linux Kernel Affecting Nouveau Driver
CVE-2025-38187

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 July 2025

What is CVE-2025-38187?

A use-after-free vulnerability exists in the Linux kernel's Nouveau driver due to premature release of an RPC container after being passed to the r535_gsp_rpc_send() function. When handling large Remote Procedure Calls (RPCs), this flaw can lead to the container being freed too early, resulting in potential memory corruption and instability during the transmission of RPC fragments. To rectify the issue, a temporary RPC container should be allocated for the initial fragment while the caller's container is freed only after all fragments have been successfully sent.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch