Vulnerability DatabaseCVE-2025-38188

CVE-2025-38188:
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2025-38188 is a vulnerability in the Linux kernel's drm/msm/a7xx driver discovered on July 4, 2025. The issue involves the failure to call CP_RESET_CONTEXT_STATE when switching contexts, affecting the synchronization between BR and BV states (NVD, RedHat).

Technical details

The vulnerability stems from a missing CP_RESET_CONTEXT_STATE packet call during context switching in the drm/msm/a7xx driver. This packet is essential for ensuring that various state pieces used by userspace to synchronize between BR and BV remain in a safe state across context switches. The vulnerability has been assigned a CVSS v3.1 base score of 5.5, indicating moderate severity (RedHat).

Impact

When exploited, this vulnerability can cause a userspace submission in one context to interfere with another context's operation, potentially leading to system hangs and effectively creating a denial of service condition. Importantly, while the vulnerability can cause system disruption, it does not lead to data leakage (RedHat).

Mitigation and workarounds

A fix has been developed and is available through the Linux kernel patching system. The solution involves implementing the necessary CP_RESET_CONTEXT_STATE packet call during context switching operations (NVD).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

5.5

Score

Published July 4, 2025

Severity MEDIUM

CNA Score N/A

Affected Technologies

Linux Kernel
MinimOS

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 4.8

Exploitation Probability (EPSS) N/A

Affected packages and libraries

dlm-kmp-64kb
kernel-default-livepatch-devel

Sources

NVD
Debian Security Tracker
- Debian 13 Severity MEDIUMHas FixAdded at: Jul 06, 2025
- Debian 14 Severity MEDIUMHas FixAdded at: Aug 10, 2025
Minimus
- MinimOS Severity MEDIUMHas FixAdded at: Nov 23, 2025
Ubuntu Security Tracker
- Ubuntu 22.04, 24.10 Severity MEDIUMNo FixAdded at: Jul 10, 2025
- Ubuntu 24.04, 25.04 Severity MEDIUMHas FixAdded at: Jul 10, 2025

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Linux Kernel vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-71142	N/A	N/A	Linux Kernel	kernel-64k-debug-devel-matched	No	No	Jan 14, 2026
CVE-2025-71137	N/A	N/A	Linux Kernel	linux-gcp	No	Yes	Jan 14, 2026
CVE-2025-71135	N/A	N/A	Linux Kernel	kernel-debug-core	No	No	Jan 14, 2026
CVE-2025-71134	N/A	N/A	Linux Kernel	kernel-uki-virt	No	No	Jan 14, 2026
CVE-2025-71133	N/A	N/A	Linux Kernel	kernel-modules-extra	No	Yes	Jan 14, 2026

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

A threat intelligence database

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."

David EstlickCISO

"Wiz provides a single pane of glass to see what is going on in our cloud environments."

Adam FletcherChief Security Officer

"We know that if Wiz identifies something as critical, it actually is."

Greg PoniatowskiHead of Threat and Vulnerability Management

Get a demo

CVE-2025-38188: Linux Kernel vulnerability analysis and mitigation