Primary

Context

Linux Kernel Panfrost Driver Use-After-Free Vulnerability in MMU Context Handling

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's Panfrost graphics driver. This issue arises because the job structure incorrectly references the Panfrost private data to access the Memory Management Unit (MMU) context. If the Panfrost private data has already been freed, this creates a use-after-free condition that can be exploited, leading to a system crash. The vulnerability is present in the Panfrost driver when the MMU context outlives its corresponding private data, allowing for potential exploitation.

Impact

Exploitation of this vulnerability leads to a use-after-free condition, causing a system crash.

Remediation

The vulnerability has been addressed by modifying the job structure to remove the reference to the Panfrost private data and instead directly reference the MMU structure, which is the actual requirement.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Panfrost Driver Use-After-Free Vulnerability in MMU Context Handling

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating