Linux Kernel dma-buf/dma-resv Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's handling of dma-buf and dma-resv objects. The issue arises because, when adding a fence to a dma_resv object, the kernel previously assumed that the new fence would always be later than the existing ones. However, recent changes allow userspace to manipulate this assumption, potentially leading to a use-after-free error. This vulnerability has been addressed by implementing a check to ensure that the new fence is indeed later, and it is recommended to backport this fix to stable kernel versions.

Impact

Exploitation of this vulnerability could lead to a use-after-free error, which may be exploited to cause memory corruption or execute arbitrary code.

Added: Jun 18, 2025, 10:27 PM

Updated: Jun 18, 2025, 10:27 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel dma-buf/dma-resv Use-After-Free Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating