CVE-2025-38188
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and we need to make sure that they are in a "safe" state when switching contexts. Otherwise a userspace submission in one context could cause another context to function incorrectly and hang, effectively a denial of service (although without leaking data). This was missed during initial a7xx bringup.
Patchwork: https://patchwork.freedesktop.org/patch/654924/
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | af66706accdf5afef45204afc87037f876e0665c < 8a1f52651dd8203695d293c6824d8f6c067877d1 | affected |
| Linux | Linux | af66706accdf5afef45204afc87037f876e0665c < 35fe72f3c425bbf1d580bd9066e2456b1dbae4a8 | affected |
| Linux | Linux | af66706accdf5afef45204afc87037f876e0665c < 2b520c6104f34e3a548525173c38ebca4402cac3 | affected |
| Linux | Linux | 6.7 | affected |
| Linux | Linux | 0 < 6.7 | unaffected |
| Linux | Linux | 6.12.35 <= 6.12.* | unaffected |
| Linux | Linux | 6.15.4 <= 6.15.* | unaffected |
| Linux | Linux | 6.16 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/8a1f52651dd8203695d293c6824d8f6c067877d1
- https://git.kernel.org/stable/c/35fe72f3c425bbf1d580bd9066e2456b1dbae4a8
- https://git.kernel.org/stable/c/2b520c6104f34e3a548525173c38ebca4402cac3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.