Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Buffer Object Eviction Vulnerability in Intel GPU Driver

Vulnerability

A vulnerability in the Linux kernel's Intel GPU driver can lead to improper eviction of buffer objects within the same virtual machine. This issue arises when an array of virtual machine binds is processed, potentially evicting other buffer objects and causing NULL pointer dereferences later in the binding pipeline. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can cause NULL pointer dereferences, leading to potential crashes or undefined behavior in the system.

Reproduction

The vulnerability can be reproduced by creating an array of VM binds that includes buffer objects within the same virtual machine. This can be done using the Intel GPU driver in the Linux kernel.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed.

Added: Oct 30, 2025, 10:44 AM
Updated: Oct 30, 2025, 3:52 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
0.9
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.