CVE-2025-38596: 
Linux Ubuntu vulnerability analysis and mitigation

A use-after-free (UAF) vulnerability has been identified in the Linux kernel's drm/panthor subsystem, specifically in the panthorgemcreatewithhandle() debugfs code. The vulnerability was discovered and disclosed on August 19, 2025, affecting various Linux kernel versions. The issue occurs when the object is potentially accessed after drmgemobject_put() is called (NVD).

The vulnerability stems from a timing issue where the object might be accessed after being freed through drmgemobject_put(). The debugfs tracking uses a separate lock and list, along with a separate flag to indicate whether the object is actually initialized. The CVSS v3 Base Score is 5.5, indicating moderate severity (Red Hat).

This vulnerability could potentially lead to use-after-free conditions in the Linux kernel's DRM (Direct Rendering Manager) subsystem, which could result in system crashes, memory corruption, or potential privilege escalation (NVD).

The issue has been resolved by simplifying the object initialization process, ensuring that objects are only added to debugfs when they are ready. The fix involves modifying the panthorgemdebugfsborm() function which now checks whether the object has actually been added to the list or if this is an error path cleanup (NVD).