PT-2025-44386 · Linux+4 · Linux Kernel+4
Published
2025-10-16
·
Updated
2026-05-07
·
CVE-2025-40096
CVSS v2.0
6.0
Medium
| Vector | AV:L/AC:H/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contains a flaw in the drm/sched subsystem related to dependency management. Specifically, a potential double free can occur in the
drm sched job add resv dependencies function when adding dependencies using drm sched job add dependency(). This issue stems from consuming a fence reference both on success and failure, leading to a double free on the error path. The root cause appears to have been present since an earlier commit and was exacerbated by subsequent changes, with multiple attempts to address it only shifting the location of the double free. The function drm sched job add dependency() is involved in the issue.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linuxmint
Linux Kernel
Rocky Linux
Suse
Ubuntu