CVE-2025-39747

MEDIUM

Linux Kernel - NULL Pointer Dereference in msm_ioctl_gem_info_set_metadata

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Add error handling for krealloc in metadata setup Function msm_ioctl_gem_info_set_metadata() now checks for krealloc failure and returns -ENOMEM, avoiding potential NULL pointer dereference. Explicitly avoids __GFP_NOFAIL due to deadlock risks and allocation constraints. Patchwork: https://patchwork.freedesktop.org/patch/661235/

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/53dc780c1e94ea782d8936b41bfaa83c663702eb

Patch

https://git.kernel.org/stable/c/01e3eda8edc3c4caaa49261d1a56c799b0bd6268

Patch

https://git.kernel.org/stable/c/d5386bcede7b57b193c658dcbb9d22004cde7580

Patch

https://git.kernel.org/stable/c/1c8c354098ea9d4376a58c96ae6b65288a6f15d8

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 4.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (14)

linux/Kernel 3.12.0 - 6.12.43linux

linux/Kernel 6.13.0 - 6.15.11linux

linux/Kernel 6.16.0 - 6.16.2linux

Linux/Linux < 3.12

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - 01e3eda8edc3c4caaa49261d1a56c799b0bd6268

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - 1c8c354098ea9d4376a58c96ae6b65288a6f15d8

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - 53dc780c1e94ea782d8936b41bfaa83c663702eb

Linux/Linux 0cf6c71d70d8aa39b8fd0e39c9009602a0e0d300 - d5386bcede7b57b193c658dcbb9d22004cde7580

Linux/Linux 3.12

Linux/Linux 6.12.43 - 6.12.*

... and 4 more

Published Sep 11, 2025

Tracked Since Feb 18, 2026