CVE-2025-38467
MEDIUM EPSS 5.6%
Published Jul 25, 202511mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Jul 25, 2025 11mo ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling If there's support for another console device (such as a TTY serial), the kernel occasionally panics during boot. The panic message and a relevant snippet of the call stack is as follows: Unable to handle kernel NULL pointer dereference at virtual address 000000000000000 Call trace: drm_crtc_handle_vblank+0x10/0x30 (P) decon_irq_handler+0x88/0xb4 [...] Otherwise, the panics don't happen. This indicates that it's some sort of race condition. Add a check to validate if the drm device can handle vblanks before calling drm_crtc_handle_vblank() to avoid this.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
5.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-476 NULL Pointer Dereference Memory Safety
Affected Products 12
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥4.0 – <5.4.296 |
| linux | linux_kernel | * | ≥5.5 – <5.10.240 |
| linux | linux_kernel | * | ≥5.11 – <5.15.189 |
| linux | linux_kernel | * | ≥5.16 – <6.1.146 |
| linux | linux_kernel | * | ≥6.2 – <6.6.99 |
| linux | linux_kernel | * | ≥6.7 – <6.12.39 |
| linux | linux_kernel | * | ≥6.13 – <6.15.7 |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| linux | linux_kernel | 6.16 | any |
| debian | debian_linux | 11.0 | any |
References 10
- git.kernel.org https://git.kernel.org/stable/c/391e5ea5b877230b844c9bd8bbcd91b681b1ce2d
- git.kernel.org https://git.kernel.org/stable/c/87825fbd1e176cd5b896940f3959e7c9a916945d
- git.kernel.org https://git.kernel.org/stable/c/996740652e620ef8ee1e5c65832cf2ffa498577d
- git.kernel.org https://git.kernel.org/stable/c/a2130463fc9451005660b0eda7b61d5f746f7d74
- git.kernel.org https://git.kernel.org/stable/c/a40a35166f7e4f6dcd4b087d620c8228922dcb0a
- git.kernel.org https://git.kernel.org/stable/c/b4e72c0bf878f02faa00a7dc7c9ffc4ff7c116a7
- git.kernel.org https://git.kernel.org/stable/c/b846350aa272de99bf6fecfa6b08e64ebfb13173
- git.kernel.org https://git.kernel.org/stable/c/e9d9b25f376737b81f06de9c5aa422b488f47184
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
Remediation
- git.kernel.org https://git.kernel.org/stable/c/391e5ea5b877230b844c9bd8bbcd91b681b1ce2d
- git.kernel.org https://git.kernel.org/stable/c/87825fbd1e176cd5b896940f3959e7c9a916945d
- git.kernel.org https://git.kernel.org/stable/c/996740652e620ef8ee1e5c65832cf2ffa498577d
- git.kernel.org https://git.kernel.org/stable/c/a2130463fc9451005660b0eda7b61d5f746f7d74
- git.kernel.org https://git.kernel.org/stable/c/a40a35166f7e4f6dcd4b087d620c8228922dcb0a
- git.kernel.org https://git.kernel.org/stable/c/b4e72c0bf878f02faa00a7dc7c9ffc4ff7c116a7
- git.kernel.org https://git.kernel.org/stable/c/b846350aa272de99bf6fecfa6b08e64ebfb13173
- git.kernel.org https://git.kernel.org/stable/c/e9d9b25f376737b81f06de9c5aa422b488f47184