CVE-2025-39811 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/vm: Clear the scratch_pt pointer on error

Avoid triggering a dereference of an error pointer on cleanup in
xe_vm_free_scratch() by clearing any scratch_pt error pointer.

(cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00022.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

Advisories

Source	ID	Title
Debian DSA	DSA-6008-1	linux security update
EUVD	EUVD-2025-29603	In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scratch() by clearing any scratch_pt error pointer. (cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2b55ddf36229e0278c956215784ab1feeff510aa
https://git.kernel.org/stable/c/84603ed1d73ebb8de856dc11f4f5d3541c48f7a2
https://git.kernel.org/stable/c/c8277d229c7840e8090d4704e50f2ca014d194c7
https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39811-535b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2025-39811
https://www.cve.org/CVERecord?id=CVE-2025-39811

History

Wed, 17 Sep 2025 11:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 17 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091614-CVE-2025-39811-535b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2025-39811 https://www.cve.org/CVERecord?id=CVE-2025-39811
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Tue, 16 Sep 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scratch() by clearing any scratch_pt error pointer. (cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)
Title		drm/xe/vm: Clear the scratch_pt pointer on error
References		https://git.kernel.org/stable/c/2b55ddf36229e0278c956215784ab1feeff510aa https://git.kernel.org/stable/c/84603ed1d73ebb8de856dc11f4f5d3541c48f7a2 https://git.kernel.org/stable/c/c8277d229c7840e8090d4704e50f2ca014d194c7

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T13:00:13.395Z

Updated: 2025-09-29T05:59:54.870Z

Reserved: 2025-04-16T07:20:57.137Z

Link: CVE-2025-39811

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-16T13:15:54.020

Modified: 2025-09-18T13:43:34.310

Link: CVE-2025-39811

Redhat

Severity : Low

Publid Date: 2025-09-16T00:00:00Z

Links: CVE-2025-39811 - Bugzilla

OpenCVE Enrichment

Updated: 2025-09-17T10:04:30Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object