CVE-2025-38410
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a fence leak in the Linux kernel's drm/msm component. Specifically, in error paths, the submit can be unreferenced without calling drm_sched_entity_push_job(), which means msm_job_free() is never called. This leads to a resource leak because drm_sched_job_cleanup() will null out the s_fence, which can be used to detect this case.
How can this vulnerability impact me? :
The vulnerability can cause resource leaks in the Linux kernel's drm/msm subsystem, potentially leading to degraded system performance or stability issues due to unreleased resources.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for cases where drm_sched_job_cleanup() has NULLed out the s_fence, indicating a fence leak in the submit error path. However, no specific detection commands are provided in the available information.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps are not detailed in the provided information. Applying the patch that fixes the fence leak in the drm/msm submit error path is implied as the resolution.