CVE-2025-68732
Race Condition in Linux Kernel host1x syncpt Allocation
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition in the Linux kernel's gpu host1x driver related to synchronization point (syncpt) allocation and freeing. Specifically, there was a race between host1x_syncpt_alloc() and host1x_syncpt_put() functions, which could allow syncpoints to be allocated while they were still being cleaned up from a previous release. The fix involves using kref_put_mutex() to ensure atomic locking and prevent threads from acquiring the syncpt_mutex after the reference count drops to zero but before the syncpt_release function acquires it, thus preventing the race condition.
How can this vulnerability impact me? :
This race condition could lead to improper synchronization point management in the GPU host1x driver, potentially causing system instability, crashes, or unpredictable behavior in GPU operations. It may affect the reliability of GPU resource management and could lead to use-after-free or other concurrency-related issues in the kernel.