CVE-2025-38515

4.7 MEDIUM

📋 TL;DR

A race condition in the Linux kernel's DRM scheduler can cause job scheduling to stop, leading to system hangs when waiting on DMA fences. This affects systems using the Direct Rendering Manager (DRM) subsystem with vulnerable kernel versions, particularly those using the Xe driver. The vulnerability requires local access to trigger.

💻 Affected Systems

Products:
  • Linux kernel with DRM scheduler subsystem
Versions: Kernel versions containing the vulnerable code up to the fix commit
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects systems using DRM drivers that utilize the scheduler, particularly the Xe driver as mentioned in the report. Requires DRM subsystem to be enabled and in use.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: System becomes unresponsive or hangs completely, requiring hard reboot and potentially causing data loss or service disruption.

🟠 Likely Case: Local denial of service affecting graphical applications or GPU-accelerated workloads, causing application crashes or system instability.

🟢 If Mitigated: Minimal impact with proper access controls limiting local user privileges and kernel hardening measures.

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could cause denial of service affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering a specific race condition timing, which may be difficult to reliably achieve. Requires local access to the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commit 549a9c78c3ea6807d0dc4162a4f5ba59f217d5a0 or later

Vendor Advisory: https://git.kernel.org/stable/c/549a9c78c3ea6807d0dc4162a4f5ba59f217d5a0

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commit.
2. Check with your distribution for backported patches.
3. Reboot the system to load the new kernel.

🔧 Temporary Workarounds

Disable affected DRM drivers

Linux

If the system does not use GPU acceleration or a specific DRM driver, that driver can be disabled via kernel parameters.

Add 'modprobe.blacklist=drm' or a specific driver blacklist to the kernel boot parameters.

🧯 If You Can't Patch

  • Restrict local user access and implement least privilege principles
  • Monitor system stability and implement automated recovery for hangs

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if DRM scheduler is active: 'uname -r' and 'lsmod | grep drm'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commit or is newer than vulnerable versions
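
A narrower version of the "Check if Vulnerable" step, as an added example (not from the advisory or the kernel project): instead of grepping for any `drm` module, it reads `/proc/modules` and reports which loaded drivers depend on the scheduler. It assumes the scheduler is built as the `gpu_sched` module, and the sample module list is constructed.

```shell
#!/bin/sh
# Added example: which loaded drivers depend on the DRM GPU scheduler?
# Assumption: the scheduler is built as the module gpu_sched. If it is
# compiled into the kernel it never appears in /proc/modules.

# sched_users [modules-file]: print the "used by" list of gpu_sched.
# Returns 0 when gpu_sched is loaded, 1 when it is not.
sched_users() {
    modfile="${1:-/proc/modules}"
    # /proc/modules columns: name size refcount used-by state address
    awk '$1 == "gpu_sched" {
             users = $4
             sub(/,$/, "", users)          # drop the trailing comma
             if (users == "-") users = ""  # "-" means no dependants
             print users
             found = 1
         }
         END { exit (found ? 0 : 1) }' "$modfile"
}

# exposure_summary [modules-file]: one-line verdict for an operator.
exposure_summary() {
    if users=$(sched_users "$1"); then
        case ",$users," in
            *,xe,*) echo "gpu_sched loaded; used by: $users (Xe driver present)" ;;
            ,,)     echo "gpu_sched loaded; no driver currently using it" ;;
            *)      echo "gpu_sched loaded; used by: $users" ;;
        esac
    else
        echo "gpu_sched not loaded as a module"
    fi
}

# Constructed sample of /proc/modules content, not taken from a real host.
sample_modules() {
    cat <<'EOF'
drm 782336 14 gpu_sched,xe,drm_kms_helper, Live 0x0000000000000000
gpu_sched 61440 1 xe, Live 0x0000000000000000
xe 3555328 12 - Live 0x0000000000000000
EOF
}

tmp=$(mktemp)
sample_modules > "$tmp"
exposure_summary "$tmp"   # pass no argument to inspect the live host
rm -f "$tmp"
```

A "not loaded" result does not by itself show the kernel is unaffected, since the scheduler may be built in; the fix commit remains the authoritative check.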

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages related to DRM
  • System hang events in logs
  • GPU driver timeout messages

Network Indicators:

  • None - local vulnerability only

SIEM Query:

Search for: 'kernel.*drm.*scheduler.*hang' OR 'kernel.*oops.*drm'
