CVE-2025-38095
dma-buf: insert memory barrier before updating num_fences
In the Linux kernel, the following vulnerability has been resolved:
dma-buf: insert memory barrier before updating num_fences
smp_store_mb() inserts memory barrier after storing operation.
It is different with what the comment is originally aiming so Null
pointer dereference can be happened if memory update is reordered.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/08680c4dadc6e736c75bc2409d833f03f9003c51https://git.kernel.org/stable/c/3becc659f9cb76b481ad1fb71f54d5c8d6332d3fhttps://git.kernel.org/stable/c/72c7d62583ebce7baeb61acce6057c361f73be4ahttps://git.kernel.org/stable/c/90eb79c4ed98a4e24a62ccf61c199ab0f680fa8fhttps://git.kernel.org/stable/c/c9d2b9a80d06a58f37e0dc8c827075639b443927https://git.kernel.org/stable/c/d0b7f11dd68b593bd970e5735be00e8d89bace30https://git.kernel.org/stable/c/fe1bebd0edb22e3536cbc920ec713331d1367ad4https://lists.debian.org/debian-lts-announce/2025/08/msg00010.htmlhttps://lists.debian.org/debian-lts-announce/2025/10/msg00007.html