CVE-2025-38672

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists due to an unstable dma buf field within the drm gem object structure in the Linux kernel. The field can become NULL when user space releases the final GEM handle on the buffer object, leading to a NULL-pointer dereference. Previous workarounds did not fully address the issue, particularly for buffer objects without an associated DRM framebuffer. The issue was resolved by reverting a prior commit.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.