CVE-2025-38669

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel related to a reversion of a previous commit (1a148af06000e545e714fe3210af3d77ff903c11) that introduced a NULL-pointer dereference. The dma buf field within the drm gem object structure is not stable throughout the object's lifecycle, becoming NULL when the final GEM handle is released. Previous workarounds did not fully address the issue, particularly for buffer objects lacking a DRM framebuffer association. The reversion restores the use of .import attach->dmabuf.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.