Double Free Vulnerability in Linux Kernel's DRM Scheduler
CVE-2025-40096
What is CVE-2025-40096?
A double free vulnerability has been identified in the Linux kernel's DRM scheduler component. The issue arises during dependency management, in the error handling within the drm_sched_job_add_dependency() function. If the function encounters an error after consuming a fence reference, it incorrectly attempts to release the fence reference again, leading to a potential double free scenario. This vulnerability has been part of the codebase since dependency tracking was introduced, making it challenging to pinpoint its origins. Multiple attempts to mitigate this flaw have been made, resulting in various patches that aimed to correct the memory management logic without fully resolving the underlying double free. Developers should prioritize applying the latest patches to safeguard their systems from possible exploitation.
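The reference-ownership rule behind this bug, as an added user-space C model (not kernel code and not from the original page). It assumes a helper that consumes the caller's fence reference on both success and failure; `struct fence`, `add_dependency`, `add_dep_buggy`, `add_dep_fixed` and `frees_after` are hypothetical names, and a release count of 2 stands for the double free.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy stand-in for a refcounted fence; not the kernel's struct dma_fence. */
struct fence {
    int refcount;   /* live references */
    int free_count; /* times the release path ran; 2 means double free */
};

/* Drop one reference and record a release whenever the count hits zero or below. */
static void fence_put(struct fence *f) {
    if (--f->refcount <= 0)
        f->free_count++;
}

/* Assumed contract (hypothetical helper): consumes the reference on success AND failure. */
static int add_dependency(struct fence *f, bool store_fails) {
    if (store_fails) {
        fence_put(f); /* error path drops the reference it consumed */
        return -1;
    }
    return 0; /* success: the dependency table now owns the reference */
}

/* Buggy error handling: puts a reference that was already consumed. */
static int add_dep_buggy(struct fence *f, bool store_fails) {
    int ret = add_dependency(f, store_fails);
    if (ret)
        fence_put(f); /* second put of the same reference */
    return ret;
}

/* Corrected: once handed over, the reference is never touched again. */
static int add_dep_fixed(struct fence *f, bool store_fails) {
    return add_dependency(f, store_fails);
}

/* Run one path on a fence holding a single reference; return the release count. */
static int frees_after(int (*path)(struct fence *, bool), bool store_fails) {
    struct fence f = { .refcount = 1, .free_count = 0 };
    path(&f, store_fails);
    return f.free_count;
}

int main(void) {
    printf("error path releases: buggy=%d fixed=%d\n",
           frees_after(add_dep_buggy, true), frees_after(add_dep_fixed, true));
    return 0;
}
```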
Affected Version(s)
Linux 963d0b3569354230f6e2c36a286ef270a8901878 < 4c38a63ae12ecc9370a7678077bde2d61aa80e9c
Linux 963d0b3569354230f6e2c36a286ef270a8901878 < 57239762aa90ad768dac055021f27705dae73344
Linux 963d0b3569354230f6e2c36a286ef270a8901878