CVE-2025-38095

Summary

In the Linux kernel, the following vulnerability has been resolved:

dma-buf: insert memory barrier before updating num_fences

smp_store_mb() inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference can be happened if memory update is reordered.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < 90eb79c4ed98a4e24a62ccf61c199ab0f680fa8faffected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < d0b7f11dd68b593bd970e5735be00e8d89bace30affected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < 3becc659f9cb76b481ad1fb71f54d5c8d6332d3faffected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < c9d2b9a80d06a58f37e0dc8c827075639b443927affected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < fe1bebd0edb22e3536cbc920ec713331d1367ad4affected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < 08680c4dadc6e736c75bc2409d833f03f9003c51affected
LinuxLinuxa590d0fdbaa56f482ff515e1040b6d9b1b200d63 < 72c7d62583ebce7baeb61acce6057c361f73be4aaffected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux5.10.241 <= 5.10.*unaffected
LinuxLinux5.15.192 <= 5.15.*unaffected
LinuxLinux6.1.140 <= 6.1.*unaffected
LinuxLinux6.6.92 <= 6.6.*unaffected
LinuxLinux6.12.30 <= 6.12.*unaffected
LinuxLinux6.14.8 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References