DEBIAN-CVE-2025-38095

DEBIAN-CVE-2025-38095 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating num_fences smp_store_mb() inserts memory barrier after storing operation. It is different with what the comment is originally aiming so Null pointer dereference can be happened if memory update is reordered.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	linux	5.10.178-1, 0, 5.10.103-1
Debian:13	linux	0, 0
Debian:11	linux-6.1	6.1.129-1, 6.1.137-1, *
Debian:14	linux	0, 0
Debian:12	linux	6.1.55-1~bpo11+1, 6.1.90-1, 6.1.66-1

Timeline

Jul 3, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-38095 advisory

Open in Interactive Console →