CVE-2025-38188

drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and we need to make sure that they are in a "safe" state when switching contexts. Otherwise a userspace submission in one context could cause another context to function incorrectly and hang, effectively a denial of service (although without leaking data). This was missed during initial a7xx bringup. Patchwork: https://patchwork.freedesktop.org/patch/654924/

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/8a1f52651dd8203695d293c6824d8f6c067877d1
https://git.kernel.org/stable/c/35fe72f3c425bbf1d580bd9066e2456b1dbae4a8
https://git.kernel.org/stable/c/2b520c6104f34e3a548525173c38ebca4402cac3

Frequently Asked Questions

What is the severity of CVE-2025-38188?
CVE-2025-38188 has not yet been assigned a CVSS score.
How to fix CVE-2025-38188?
To fix CVE-2025-38188, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-38188 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-38188 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-38188?
CVE-2025-38188 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.