Use-After-Free Vulnerability in Linux Kernel Affecting Xe Driver
CVE-2025-38703

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 September 2025

What is CVE-2025-38703?

A vulnerability in the Xe driver of the Linux kernel allows for a use-after-free condition due to improper handling of dma-fences. When a user-space application closes the submit queue, the timeline name may be freed while still being referenced, potentially leading to undefined behavior on subsequent accesses. This flaw necessitates strict adherence to the newly defined dma-fence rules to ensure data integrity and system stability. Implementations must ensure a proper RCU grace period is maintained between fence signaling and freeing associated resources to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux dd08ebf6c3525a7ea2186e636df064ea47281987

Linux dd08ebf6c3525a7ea2186e636df064ea47281987

Linux dd08ebf6c3525a7ea2186e636df064ea47281987 < 683b0e397dad9f26a42dcacf6f7f545a77ce6c06

References

https://git.kernel.org/stable/c/b17fcce70733c211cb5dabf54...
https://git.kernel.org/stable/c/ba37807d08bae67de6139346a...
https://git.kernel.org/stable/c/683b0e397dad9f26a42dcacf6...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.