SB2025072746 - NULL pointer dereference in Linux kernel drm v3d driver
Published: July 27, 2025
Security Bulletin ID
SB2025072746
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-38371)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the v3d_hub_irq(), v3d_irq_init() and v3d_irq_disable() functions in drivers/gpu/drm/v3d/v3d_irq.c, within the v3d_reset() function in drivers/gpu/drm/v3d/v3d_gem.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/226862f50a7a88e4e4de9abbf36c64d19acd6fd0
- https://git.kernel.org/stable/c/2446e25e9246e0642a41d91cbf54c33b275da3c3
- https://git.kernel.org/stable/c/387da3b6d1a90e3210bc9a7fb56703bdad2ac18a
- https://git.kernel.org/stable/c/576a6739e08ac06c67f2916f71204557232388b0
- https://git.kernel.org/stable/c/9ff95ed0371aec4d9617e478e9c69cde86cd7c38
- https://git.kernel.org/stable/c/b9c403d1236cecb10dd0246a30d81e4b265f8e8d
- https://git.kernel.org/stable/c/c8851a6ab19d9f390677c42a3cc01ff9b2eb6241
- https://git.kernel.org/stable/c/dc805c927cd832bb8f790b756880ae6c769d5fbc