Description
In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: fix for dma-fence safe access rules

Commit 506aa8b02a8d6 ("dma-fence: Add safe access helpers and document
the rules") details the dma-fence safe access rules. The most common
culprit is that drm_sched_fence_get_timeline_name may race with
group_free_queue.
Published: 2026-05-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s DRM panthor driver contains a race condition between drm_sched_fence_get_timeline_name and group_free_queue. This race can allow a fence to be referenced after its group has been freed, resulting in a use‑after‑free of kernel memory. An attacker able to trigger the race could corrupt kernel memory and cause the system to crash or become unstable.

Affected Systems

All Linux kernels that include the DRM panthor driver and have not incorporated commit 506aa8b, which adds safe access helpers for DMA fence. In practice this includes any distribution running a kernel older than the one that introduced that commit.

Risk and Exploitability

The CVSS score is 5.5 and the EPSS score is < 1 %. The flaw exists in core kernel code but has no reported exploitation. It is inferred that the vulnerability requires local execution with sufficient privilege to interact with the panthor driver, and could lead to kernel memory corruption and a denial of service. The vulnerability is not listed in CISA’s KEV catalog.

Generated by OpenCVE AI on May 14, 2026 at 21:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel update that contains commit 506aa8b, which implements safe access rules for DMA fence and fixes the race condition (CWE‑821).
  • If an update cannot be deployed immediately, disable or unload the panthor DRM driver to prevent execution of the vulnerable code that could lead to a use‑after‑free (CWE‑821).
  • As a temporary safeguard, restrict privileges of users who can load or interact with the panthor driver or limit the use of DMA fence operations to mitigate the risk of the race condition exploitation (CWE‑821).

Generated by OpenCVE AI on May 14, 2026 at 21:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 14 May 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Sat, 09 May 2026 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362
CWE-416

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-821
References

Fri, 08 May 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362
CWE-416

Fri, 08 May 2026 14:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/panthor: fix for dma-fence safe access rules Commit 506aa8b02a8d6 ("dma-fence: Add safe access helpers and document the rules") details the dma-fence safe access rules. The most common culprit is that drm_sched_fence_get_timeline_name may race with group_free_queue.
Title drm/panthor: fix for dma-fence safe access rules
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T21:57:34.387Z

Reserved: 2026-05-08T13:14:33.087Z

Link: CVE-2025-71302

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-05-08T14:16:31.607

Modified: 2026-05-14T19:07:30.090

Link: CVE-2025-71302

cve-icon Redhat

Severity :

Publid Date: 2026-05-08T00:00:00Z

Links: CVE-2025-71302 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T22:00:10Z

Weaknesses