CVE-2025-38669: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel has been identified and assigned CVE-2025-38669. The issue relates to the drm/gem-shmem component where the dmabuf field in struct drmgem_object becomes unstable during the object instance's lifetime, leading to a NULL-pointer dereference when user space releases the final GEM handle on the buffer object (Kernel Git).

The vulnerability stems from the instability of the dmabuf field in struct drmgem_object over the object instance's lifetime. When user space releases the final GEM handle on the buffer object, the field becomes NULL, resulting in a NULL-pointer dereference. Previous attempts to fix this issue through commits 5307dce878d4 and f6bfc9afc751 only provided partial solutions, particularly failing for buffer objects without an associated DRM framebuffer. The vulnerability has received a CVSS v3.1 base score of 7.0 with vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (Red Hat XML).

The vulnerability affects multiple versions of Red Hat Enterprise Linux, specifically version 9 and its kernel-rt variant, as well as version 10. Earlier versions (6, 7, and 8) are not affected by this vulnerability (Red Hat XML).

The vulnerability has been resolved by reverting the commit 1a148af06000e545e714fe3210af3d77ff903c11 and returning to using .importattach->dmabuf instead of the unstable dmabuf field (Kernel Git).