CVE-2025-38214
📋 TL;DR
A null pointer dereference vulnerability in the Linux kernel's framebuffer subsystem allows local attackers to cause a kernel panic (denial of service) by triggering a failed memory allocation during video mode changes. This affects systems with framebuffer console support enabled, primarily Linux servers and workstations with console access.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical or remote console access to reboot.
Likely Case
Local denial of service through kernel panic when privileged users or processes trigger the vulnerable code path.
If Mitigated
Minimal impact if systems have proper access controls and don't expose framebuffer console functionality to untrusted users.
🎯 Exploit Status
Found by fuzzing with Syzkaller. Requires ability to trigger framebuffer operations, typically through console access or specific ioctl calls.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits referenced in CVE)
Vendor Advisory: https://git.kernel.org/stable/c/05f6e183879d9785a3cdf2f08a498bc31b7a20aa
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. For custom kernels, apply commit 05f6e183879d9785a3cdf2f08a498bc31b7a20aa or equivalent from stable tree. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable framebuffer console
linuxDisable framebuffer console support in kernel configuration to remove vulnerable code path
Rebuild kernel with CONFIG_FB=n or CONFIG_FB_CONSOLE=n
Restrict console access
linuxLimit physical and virtual console access to trusted users only
🧯 If You Can't Patch
- Restrict physical and virtual console access to minimize attack surface
- Monitor for kernel panic events and investigate any unauthorized console access attempts
🔍 How to Verify
Check if Vulnerable:
Check kernel version and framebuffer configuration: cat /proc/version | grep -E '5\.10\.' && grep -q 'CONFIG_FB=y' /boot/config-$(uname -r)Check Version:
uname -rVerify Fix Applied:
Verify kernel version is newer than patched version and check for presence of fix commit: uname -r && git log --oneline | grep -q '05f6e183879d9785a3cdf2f08a498bc31b7a20aa'📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- General protection fault errors mentioning fb_videomode_to_var
- Syz-executor processes triggering framebuffer operations
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("general protection fault" OR "null-ptr-deref" OR "fb_videomode_to_var")🔗 References
- https://git.kernel.org/stable/c/05f6e183879d9785a3cdf2f08a498bc31b7a20aa
- https://git.kernel.org/stable/c/1a10d91766eb6ddfd5414e4785611e33a4fe0f9b
- https://git.kernel.org/stable/c/3ca78032a388a0795201792b36e6fc9b6e6e8eed
- https://git.kernel.org/stable/c/8a3a2887794b2c8e78b3e5d6e3de724527c9f41b
- https://git.kernel.org/stable/c/b3071bb463ea1e6c686d0dc9638fc940f2f5cf17
- https://git.kernel.org/stable/c/ee20216f12d9482cd70e44dae5e7fabb38367c71
- https://git.kernel.org/stable/c/fab201d72fde38d081e2c5d4ad25595c535b7b22
- https://git.kernel.org/stable/c/ff0e037241173b574b385bff53d67567b9816db5
- https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html
