CVE-2025-38674

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel related to a reversion of a previous commit (f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8) concerning the handling of dma buf within drm gem object. The dma buf field becomes NULL when the final GEM handle is released, leading to a NULL-pointer dereference. Previous workarounds did not fully address the issue, particularly for buffer objects without an associated DRM framebuffer. The reversion restores the use of .import attach->dmabuf.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.