CVE-2025-38093
BaseFortify
Publication date: 2025-07-02
Last updated on: 2025-11-20
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the GPU in certain Linux kernel configurations not automatically throttling its speed when it reaches high temperatures. Unlike the CPU, the GPU can reach a critical hardware shutdown temperature of 120Β°C under high load, which can damage the hardware and prevent some applications from running. The fix adds GPU cooling by throttling the GPU speed at 95Β°C and checking the temperature every 200ms.
How can this vulnerability impact me? :
If exploited or encountered, this vulnerability can cause the GPU to overheat to critical levels (120Β°C), potentially damaging the hardware and making it impossible to run certain GPU-intensive applications.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for GPU cooling on arm64 qcom x1e80100 devices. This fix adds GPU cooling by throttling GPU speed when temperatures reach 95Β°C, preventing hardware damage. Until the update is applied, avoid running workloads that cause high GPU temperatures near or above 95Β°C to reduce risk.