Reference Counting Issue in Linux Kernel Affecting DRM Framebuffers
CVE-2025-38449

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 July 2025

What is CVE-2025-38449?

A vulnerability in the Linux kernel can lead to segmentation faults in graphics drivers when DRM framebuffers improperly handle GEM buffer object references. If a GEM handle is released while still attached to a framebuffer, subsequent mode-setting operations may attempt to use an invalid memory reference, causing a crash. This issue is exacerbated by drivers that utilize shadow planes for vmap-ing DMA buffers during page flips. The fault triggers easily due to improper reference counting, leading to potential system instability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 08480e285c6a82ce689008d643e4a51db0aaef8b

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3cf520d9860d4ec9f7f32068825da31f18dd3f25

References

https://git.kernel.org/stable/c/cb4c956a15f8b7f8706494547...

https://git.kernel.org/stable/c/08480e285c6a82ce689008d64...

https://git.kernel.org/stable/c/3cf520d9860d4ec9f7f320688...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Apr 16, 2025