Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-6f37-h5g7-77g4

Опубликовано: 10 июл. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/vm: move xe_svm_init() earlier

In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD.

(cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/vm: move xe_svm_init() earlier

In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD.

(cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

Ссылки

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2025-38309

Дефекты

CWE-908

Связанные уязвимости

ubuntu логотип

CVE-2025-38309

CVSS3: 5.5
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD. (cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

redhat логотип

CVE-2025-38309

CVSS3: 5.5
redhat
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD. (cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

nvd логотип

CVE-2025-38309

CVSS3: 5.5
nvd
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD. (cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

debian логотип

CVE-2025-38309

CVSS3: 5.5
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: d ...

fstec логотип

BDU:2025-09054

CVSS3: 5.5
fstec
7 месяцев назад

Уязвимость функции xe_svm_init() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 4%
0.00018
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2025-38309

Дефекты

CWE-908