Null Pointer Dereference in Linux Kernel's DRM Component
CVE-2025-38672

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
22 August 2025

What is CVE-2025-38672?

A flaw exists in the Linux kernel's Direct Rendering Manager (DRM) component, where the dma_buf field in the drm_gem_object structure can become NULL when the user space releases the last GEM handle. This leads to a potential NULL-pointer dereference, jeopardizing system stability and security. Previous workarounds did not fully address the issue, particularly for buffer objects lacking an associated DRM framebuffer. The kernel has reverted to an earlier method to restore stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e8afa1557f4f963c9a511bd2c6074a941c308685

Linux e8afa1557f4f963c9a511bd2c6074a941c308685 < 1918e79be908b8a2c8757640289bc196c14d928a

Linux 6.15

References

https://git.kernel.org/stable/c/e7bdb3104a2f71ec1439d37f8...
https://git.kernel.org/stable/c/1918e79be908b8a2c87576402...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.