CVE-2025-38410
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's Direct Rendering Manager (DRM) subsystem for MSM (Qualcomm Adreno) graphics drivers. When error conditions occur during job submission, a fence object isn't properly cleaned up, leading to gradual memory exhaustion. This affects systems using affected Linux kernel versions with MSM/Adreno graphics hardware.
💻 Affected Systems
- Linux kernel with MSM/Adreno DRM driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.
Likely Case
Gradual memory leak under specific error conditions, potentially leading to performance degradation or system instability over time.
If Mitigated
Minimal impact with proper memory monitoring and system maintenance practices in place.
🎯 Exploit Status
Exploitation requires triggering specific error conditions in the graphics driver submission path. Likely requires local access and ability to interact with graphics subsystem.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fix commits referenced in the CVE
Vendor Advisory: https://patchwork.freedesktop.org/patch/653584/
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fix commits.
2. For distributions: Use package manager to update kernel package.
3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable MSM DRM driver
Prevent loading of vulnerable driver module (not recommended for systems requiring graphics functionality)
echo 'blacklist msm' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Monitor system memory usage for unusual leaks
- Restrict local user access to systems with MSM graphics hardware
🔍 How to Verify
Check if Vulnerable:
Check if MSM DRM driver is loaded: lsmod | grep msm. Check kernel version against patched versions.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits. Check dmesg for any memory leak warnings related to DRM.
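The driver check above and the memory-monitoring advice under "If You Can't Patch" can be combined in one script; the following is an added example, not taken from the advisory or from kernel sources. The function names, the 2048 kB threshold and the sample values are assumptions made for illustration, as is the premise that leaked fence objects are accounted in the SUnreclaim line of /proc/meminfo.

```shell
#!/bin/sh
# Added example, not part of the advisory. File paths are parameters so the
# functions can be exercised offline against constructed input.

# msm_driver_state [MODULES_FILE] [BUILTIN_FILE] -> module | builtin | absent
# Matches the exact module name "msm"; `lsmod | grep msm` also matches names
# that merely contain "msm" and reports nothing for a built-in driver.
msm_driver_state() {
    modules_file=${1:-/proc/modules}
    builtin_file=${2:-/lib/modules/$(uname -r)/modules.builtin}
    if [ -r "$modules_file" ] &&
       awk '$1 == "msm" { found = 1 } END { exit !found }' "$modules_file"; then
        echo module
    elif [ -r "$builtin_file" ] && grep -Eq '(^|/)msm\.ko$' "$builtin_file"; then
        echo builtin
    else
        echo absent
    fi
}

# sunreclaim_kb [MEMINFO_FILE] -> unreclaimable slab in kB.
# Assumption: leaked fence objects are counted in SUnreclaim.
sunreclaim_kb() {
    awk '$1 == "SUnreclaim:" { print $2 }' "${1:-/proc/meminfo}"
}

# slab_trend THRESHOLD_KB SAMPLE... -> growing | stable
# "growing" means no sample dropped below its predecessor and the total
# increase exceeds the threshold, the signature of a leak rather than churn.
slab_trend() {
    threshold=$1; shift
    [ "$#" -ge 2 ] || { echo stable; return 0; }
    first=$1; prev=$1
    for s in "$@"; do
        [ "$s" -lt "$prev" ] && { echo stable; return 0; }
        prev=$s
    done
    if [ $((prev - first)) -gt "$threshold" ]; then echo growing; else echo stable; fi
}

# Constructed samples (kB), as if collected once a minute with sunreclaim_kb.
echo "driver=$(msm_driver_state) trend=$(slab_trend 2048 81200 82400 83900 85100)"
```

A "growing" result only says unreclaimable slab is rising; it does not attribute the growth to the MSM driver, so correlate it with the driver state and the DRM messages in dmesg.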
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Memory allocation failures in dmesg
- DRM subsystem error messages
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("oom" OR "memory" OR "drm" OR "msm")
🔗 References
- https://git.kernel.org/stable/c/0dc817f852e5f8ec8501d19ef7dcc01affa181d0
- https://git.kernel.org/stable/c/0eaa495b3d5710e5ba72051d2e01bb28292c625c
- https://git.kernel.org/stable/c/201eba5c9652a900c0b248070263f9acd3735689
- https://git.kernel.org/stable/c/5d319f75ccf7f0927425a7545aa1a22b3eedc189
- https://git.kernel.org/stable/c/5deab0fa6cfd0cd7def17598db15ceb84f950584
- https://git.kernel.org/stable/c/fe2695b2f63bd77e0e03bc0fc779164115bb4699
- https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html