CVE-2025-38449

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability exists in the Linux kernel related to GEM (Graphics Execution Manager) handles and framebuffers. A GEM handle can be released while still attached to a DRM (Direct Rendering Manager) framebuffer, potentially leading to a segmentation fault when attempting to use the framebuffer in subsequent mode-setting operations. This issue is more likely to occur with drivers that utilize shadow planes for vmap-ing the dma-buf during a page flip. The commit 1a148af06000 ("drm/gem-shmem: Use dma-buf from GEM object instance") is noted as easily triggering the segmentation fault. The core issue involves insufficient reference counting of GEM handles.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.