CVE-2025-38521
📋 TL;DR
A vulnerability in the Imagination GPU driver for Linux kernels allows a local attacker to cause a kernel crash (denial of service) by triggering a GPU hard reset. This affects systems using Imagination GPU hardware with the vulnerable driver. The issue occurs due to improper power management function calls during reset sequences.
💻 Affected Systems
- Linux kernel with Imagination GPU driver (drm/imagination)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Complete system crash requiring reboot, potentially causing data loss or service disruption.
Likely Case
Kernel panic leading to system instability and denial of service on affected GPU workloads.
If Mitigated
No impact if patched or if GPU hard reset functionality is not triggered.
🎯 Exploit Status
Exploitation requires local access and ability to trigger GPU hard reset operations. No public exploit code identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits 9f852d301f642223c4798f3c13ba15e91165d078, d38376b3ee48d073c64e75e150510d7e6b4b04f7, e066cc6e0f094ca2120f1928d126d56f686cd73e applied
Vendor Advisory: https://git.kernel.org/stable/c/9f852d301f642223c4798f3c13ba15e91165d078
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load patched kernel. 3. Verify kernel version and that Imagination GPU driver is functioning.
🔧 Temporary Workarounds
Disable GPU hard reset functionality
linuxPrevent triggering of GPU hard reset operations that exploit the vulnerability
echo 0 > /sys/module/pvr/parameters/enable_hard_reset
Blacklist Imagination GPU driver
linuxPrevent loading of vulnerable driver module
echo 'blacklist pvr' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Restrict local user access to systems with Imagination GPUs
- Monitor for kernel panic events and investigate GPU-related crashes
🔍 How to Verify
Check if Vulnerable:
Check if Imagination GPU driver is loaded: lsmod | grep pvr AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and test GPU functionality remains stable📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- GPU driver crash logs
- System crash/reboot events
Network Indicators:
- None - local vulnerability
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "GPU" OR "pvr")