Primary

Context

Linux Kernel GuC Virtual Engine Request Handling Use-After-Free Vulnerability

Vulnerability

Patched

A use-after-free vulnerability has been addressed in the Linux kernel's handling of requests for GuC virtual engines within the i915 graphics driver. This issue arose because references to i915_requests could be retained by userspace through sync_files or dmabufs, potentially leading to memory leaks. The vulnerability affected several versions of the Linux kernel.

Impact

The vulnerability could lead to a use-after-free condition, allowing for memory corruption or exploitation opportunities.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability.

Added: Oct 4, 2025, 6:49 PM

Updated: Oct 4, 2025, 6:49 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel GuC Virtual Engine Request Handling Use-After-Free Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating