Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A use-after-free vulnerability has been addressed in the GROUP_CREATE ioctl of the Linux kernel's DRM/Panthor driver. The ioctl accessed a pointer to a group after storing it in the XArray, which opened a race window: a malicious userspace process could predict the group's handle and invoke the GROUP_DESTROY ioctl from another thread at the same time, leading to potential memory corruption. The fix introduces a mark on the group pool XArray, which ensures that a group cannot be deleted before it has been properly initialized and marked. This update is included in the Linux kernel stable tree.
Exploitation of this vulnerability could lead to a use-after-free condition, allowing for memory corruption and potentially arbitrary code execution.
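The ordering that the fix enforces, shown as a single-threaded userspace model added here (not the Panthor driver's code): a `registered` flag stands in for the XArray mark, and every name in it (`pool_alloc`, `pool_mark_registered`, `pool_destroy`, `replay_race`) is hypothetical. It replays the create/destroy interleaving deterministically and uses an `alive` flag in place of a real free.

```c
#include <errno.h>
#include <stdbool.h>
#define POOL_SLOTS 8

struct group { bool alive; };
/* 'registered' models the XArray mark; all names here are hypothetical. */
struct slot { struct group *grp; bool registered; };
static struct group storage[POOL_SLOTS];
static struct slot pool[POOL_SLOTS];

/* Create, first step: reserve a handle and publish the pointer, unmarked. */
static int pool_alloc(void)
{
    for (int h = 0; h < POOL_SLOTS; h++) {
        if (pool[h].grp)
            continue;
        storage[h] = (struct group){ .alive = true };
        pool[h] = (struct slot){ .grp = &storage[h] };
        return h;
    }
    return -ENOSPC;
}

/* Create, last step: only from here on may the handle be destroyed. */
static void pool_mark_registered(int h) { pool[h].registered = true; }

/* Destroy: with check_mark set, an unmarked handle is treated as absent. */
static int pool_destroy(int h, bool check_mark)
{
    if (h < 0 || h >= POOL_SLOTS || !pool[h].grp ||
        (check_mark && !pool[h].registered))
        return -EINVAL;
    pool[h].grp->alive = false;      /* stands in for releasing the group */
    pool[h] = (struct slot){ 0 };
    return 0;
}

/* Replays the race; returns true if create would touch a released group. */
static bool replay_race(bool check_mark)
{
    int h = pool_alloc();
    struct group *g = pool[h].grp;   /* create still holds this pointer */
    pool_destroy(h, check_mark);     /* second thread, predicted handle */
    if (!g->alive)
        return true;                 /* create's late access is the UAF */
    pool_mark_registered(h);         /* initialisation finished */
    pool_destroy(h, check_mark);     /* legitimate destroy now succeeds */
    return false;
}
int main(void) { return replay_race(true) ? 1 : 0; }
```
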