CVE-2025-71296
Received Received - Intake
Race Condition in Linux Kernel DRM Shmem Helper

Publication date: 2026-05-08

Last updated on: 2026-05-08

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the object's purge operation. The tests use drm_gem_shmem_purge_locked(), which led to errors such as show below. [ 58.709128] WARNING: CPU: 1 PID: 1354 at drivers/gpu/drm/drm_gem_shmem_helper.c:515 drm_gem_shmem_purge_locked+0x51c/0x740 Only export the new helper drm_gem_shmem_purge() for Kunit tests. This is not an interface for regular drivers.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-08
Last Modified
2026-05-08
Generated
2026-05-09
AI Q&A
2026-05-08
EPSS Evaluated
N/A
NVD
CVE-2025-71296
EUVD
EUVD-2025-209745
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel relates to the drm/tests subsystem, specifically the shmem (shared memory) component. The issue was that the GEM object's reservation lock was not properly held around the purge operation, which could lead to errors during execution. The fix involved acquiring and releasing the GEM object's reservation lock around calls to the purge operation to prevent such errors.

Additionally, a new helper function drm_gem_shmem_purge() was introduced exclusively for Kunit tests and is not intended as an interface for regular drivers.


How can this vulnerability impact me? :

The vulnerability could cause errors in the GPU DRM subsystem related to shared memory purging operations, potentially leading to instability or unexpected behavior in the graphics driver tests. However, since the issue is related to test code and internal locking mechanisms, it is unlikely to directly impact regular driver operation or end users.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability manifests as errors related to the drm_gem_shmem_purge_locked() function in the Linux kernel's DRM subsystem.

You can detect it by checking your system logs for warnings similar to the following message:

  • [ 58.709128] WARNING: CPU: 1 PID: 1354 at drivers/gpu/drm/drm_gem_shmem_helper.c:515 drm_gem_shmem_purge_locked+0x51c/0x740

To search for this in your logs, you can use commands like:

  • dmesg | grep drm_gem_shmem_purge_locked
  • journalctl -k | grep drm_gem_shmem_purge_locked

What immediate steps should I take to mitigate this vulnerability?

The vulnerability has been resolved by acquiring and releasing the GEM object's reservation lock around calls to the object's purge operation.

Immediate mitigation steps include updating your Linux kernel to a version that includes this fix.

Avoid using the drm_gem_shmem_purge_locked() function directly in drivers, as the new helper drm_gem_shmem_purge() is intended only for Kunit tests and not for regular drivers.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart