CVE-2025-38095

MEDIUM

Linux Kernel 5.0-6.14.7 - DMA-BUF Fence Update Null Pointer Dereference

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating num_fences smp_store_mb() inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference can be happened if memory update is reordered.

References (9)

Core 9

Core References

Third Party Advisory, Mailing List

https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html

Third Party Advisory, Mailing List

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Patch

https://git.kernel.org/stable/c/90eb79c4ed98a4e24a62ccf61c199ab0f680fa8f

Patch

https://git.kernel.org/stable/c/d0b7f11dd68b593bd970e5735be00e8d89bace30

Patch

https://git.kernel.org/stable/c/3becc659f9cb76b481ad1fb71f54d5c8d6332d3f

Patch

https://git.kernel.org/stable/c/c9d2b9a80d06a58f37e0dc8c827075639b443927

Patch

https://git.kernel.org/stable/c/fe1bebd0edb22e3536cbc920ec713331d1367ad4

Patch

https://git.kernel.org/stable/c/08680c4dadc6e736c75bc2409d833f03f9003c51

Patch

https://git.kernel.org/stable/c/72c7d62583ebce7baeb61acce6057c361f73be4a

Scores

CVSS v3 5.5

EPSS 0.0012

EPSS Percentile 30.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (25)

debian/debian_linux 11.0

linux/Kernel 5.0.0 - 5.10.241linux

linux/Kernel 5.11.0 - 5.15.192linux

linux/Kernel 5.16.0 - 6.1.140linux

linux/Kernel 6.13.0 - 6.14.8linux

linux/Kernel 6.2.0 - 6.6.92linux

linux/Kernel 6.7.0 - 6.12.30linux

Linux/Linux < 5.0

Linux/Linux 5.0

Linux/Linux 5.10.241 - 5.10.*

... and 15 more

Published Jul 03, 2025

Tracked Since Feb 18, 2026