CVE-2025-21688Race Condition in Linux

CWE-362Race Condition5 documents5 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 93.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedFeb 10

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd392b9 ("drm/v3d: Ensure job pointer is set to NULL after job completion"), we introduced a change to assign the job pointer to NULL after completing a job, indicating job completion. However, this approach created a race condition between the DRM scheduler workqueue and the IRQ execution thread. As soon as the fence is signaled in the IRQ executio

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages5 packages

Debianlinux/linux_kernel< 5.10.234-1+3
NVDlinux/linux_kernel5 versions+4
CVEListV5linux/linux1bd6303d08c85072ce40ac01a767ab67195105bd9793206fbf5293534c3a79d78f196e2cbb48c22d+8
debiandebian/linux< linux 6.1.128-1 (bookworm)
debiandebian/linux-6.1< linux 6.1.128-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2025-21688: In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd392025-02-10
GHSA
GHSA-gjcc-jpc7-jff7: In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd2025-02-10

📋Vendor Advisories

2
Red Hat
kernel: drm/v3d: Assign job pointer to NULL before signaling the fence2025-02-10
Debian
CVE-2025-21688: linux - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: As...2025