Race Condition in Linux Kernel's DRM Scheduler Affecting Job Scheduling
CVE-2025-38515

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 August 2025

What is CVE-2025-38515?

A race condition exists in the Linux kernel's DRM scheduler where job scheduling can halt due to an unexpected interaction between job count management and queue processing. Specifically, the spsc_queue_push function may return an incorrect state when the job count is zero while the job worker is idle. To mitigate this issue, the job count should be incremented before adding to the SPSC queue. This can lead to system hangs while awaiting job completion, particularly in setups using the Xe driver as observed in the drm-tip 6.16-rc1 testing.

Affected Version(s)

Linux 27105db6c63a571b91d01e749d026105a1e63bcf < 549a9c78c3ea6807d0dc4162a4f5ba59f217d5a0

Linux 27105db6c63a571b91d01e749d026105a1e63bcf

References

https://git.kernel.org/stable/c/549a9c78c3ea6807d0dc4162a...

https://git.kernel.org/stable/c/e62f51d0ec8a9baf324caf9a5...

https://git.kernel.org/stable/c/ef841f8e4e1ff67817ca899be...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 16, 2025
Vulnerability Reserved
Apr 16, 2025