Use-After-Free Vulnerability in Linux Kernel Affecting Nouveau Driver
CVE-2025-38187
Currently unrated
What is CVE-2025-38187?
A use-after-free vulnerability exists in the Linux kernel's Nouveau driver because an RPC container is released after being passed to the r535_gsp_rpc_send() function. When a large Remote Procedure Call (RPC) is sent in fragments, the container can be freed too early, which can lead to memory corruption and instability while the RPC fragments are transmitted. To rectify the issue, a temporary RPC container should be allocated for the initial fragment, and the caller's container should be freed only after all fragments have been successfully sent.
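The ownership rule behind this fix, shown as an added user-space model that is not the kernel's code. The names rpc_alloc, rpc_send, rpc_push and MAX_FRAG, the container layout and the error handling are assumptions, and the model copies every fragment (not only the initial one) into its own temporary container.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_FRAG 16   /* constructed per-message payload limit */
struct rpc { size_t len; unsigned char data[]; };  /* hypothetical container */
static size_t bytes_sent;     /* payload bytes handed to the transport */
static int containers_freed;  /* containers released so far */

static struct rpc *rpc_alloc(size_t len) {
    struct rpc *r = calloc(1, sizeof(*r) + len);
    if (r)
        r->len = len;
    return r;
}

/* Ownership rule from the description: the send path releases its argument. */
static int rpc_send(struct rpc *r) {
    bytes_sent += r->len;
    free(r);
    containers_freed++;
    return 0;
}

/* Flawed shape: rpc_send(rpc) for the first fragment, then reading rpc->data
 * for the rest, i.e. memory rpc_send() already freed. Corrected shape: only
 * temporary containers reach rpc_send() while fragments remain, and the
 * caller's container is freed after the last fragment. */
static int rpc_push(struct rpc *rpc) {
    if (rpc->len <= MAX_FRAG)
        return rpc_send(rpc);          /* single message: send owns it */
    for (size_t off = 0; off < rpc->len; ) {
        size_t n = rpc->len - off < MAX_FRAG ? rpc->len - off : MAX_FRAG;
        struct rpc *frag = rpc_alloc(n);
        if (!frag)
            return -1;                 /* assumption: caller keeps rpc on error */
        memcpy(frag->data, rpc->data + off, n);
        if (rpc_send(frag))
            return -1;
        off += n;
    }
    free(rpc);                         /* every fragment has been sent */
    containers_freed++;
    return 0;
}

int main(void) {
    struct rpc *big = rpc_alloc(40);   /* constructed 40-byte RPC */
    return !big || rpc_push(big) || bytes_sent != 40;
}
```

Building the model with AddressSanitizer and swapping in the flawed shape from the comment makes the premature free show up as a heap-use-after-free report on the second fragment.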
Affected Version(s)
Linux 176fdcbddfd288408ce8571c1760ad618d962096
Linux 176fdcbddfd288408ce8571c1760ad618d962096 < 9802f0a63b641f4cddb2139c814c2e95cb825099
Linux 6.7