CVE-2025-39811 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/vm: Clear the scratch_pt pointer on error

Avoid triggering a dereference of an error pointer on cleanup in
xe_vm_free_scratch() by clearing any scratch_pt error pointer.

(cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2b55ddf36229e0278c956215784ab1feeff510aa
https://git.kernel.org/stable/c/84603ed1d73ebb8de856dc11f4f5d3541c48f7a2
https://git.kernel.org/stable/c/c8277d229c7840e8090d4704e50f2ca014d194c7

History

Tue, 16 Sep 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scratch() by clearing any scratch_pt error pointer. (cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)
Title		drm/xe/vm: Clear the scratch_pt pointer on error
References		https://git.kernel.org/stable/c/2b55ddf36229e0278c956215784ab1feeff510aa https://git.kernel.org/stable/c/84603ed1d73ebb8de856dc11f4f5d3541c48f7a2 https://git.kernel.org/stable/c/c8277d229c7840e8090d4704e50f2ca014d194c7

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T13:00:13.395Z

Updated: 2025-09-16T13:00:13.395Z

Reserved: 2025-04-16T07:20:57.137Z

Link: CVE-2025-39811

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-16T13:15:54.020

Modified: 2025-09-16T13:15:54.020

Link: CVE-2025-39811

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39811", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.137Z", "datePublished": "2025-09-16T13:00:13.395Z", "dateUpdated": "2025-09-16T13:00:13.395Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-16T13:00:13.395Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: Clear the scratch_pt pointer on error\n\nAvoid triggering a dereference of an error pointer on cleanup in\nxe_vm_free_scratch() by clearing any scratch_pt error pointer.\n\n(cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/xe/xe_vm.c"], "versions": [{"version": "06951c2ee72df2f53b71e7cf2b504d4fa6bba453", "lessThan": "c8277d229c7840e8090d4704e50f2ca014d194c7", "status": "affected", "versionType": "git"}, {"version": "06951c2ee72df2f53b71e7cf2b504d4fa6bba453", "lessThan": "84603ed1d73ebb8de856dc11f4f5d3541c48f7a2", "status": "affected", "versionType": "git"}, {"version": "06951c2ee72df2f53b71e7cf2b504d4fa6bba453", "lessThan": "2b55ddf36229e0278c956215784ab1feeff510aa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/xe/xe_vm.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.45", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.5", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.12.45"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.16.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.17-rc4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c8277d229c7840e8090d4704e50f2ca014d194c7"}, {"url": "https://git.kernel.org/stable/c/84603ed1d73ebb8de856dc11f4f5d3541c48f7a2"}, {"url": "https://git.kernel.org/stable/c/2b55ddf36229e0278c956215784ab1feeff510aa"}], "title": "drm/xe/vm: Clear the scratch_pt pointer on error", "x_generator": {"engine": "bippy-1.2.0"}}}}