VYPR
← All advisories
Medium severity5.5NVD Advisory· Published Jul 25, 2025· Updated Apr 18, 2026

CVE-2025-38436

CVE-2025-38436

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/scheduler: signal scheduled fence when kill job

When an entity from application B is killed, drm_sched_entity_kill() removes all jobs belonging to that entity through drm_sched_entity_kill_jobs_work(). If application A's job depends on a scheduled fence from application B's job, and that fence is not properly signaled during the killing process, application A's dependency cannot be cleared.

This leads to application A hanging indefinitely while waiting for a dependency that will never be resolved. Fix this issue by ensuring that scheduled fences are properly signaled when an entity is killed, allowing dependent applications to continue execution.

Affected products

1
  • Linux/Kernel
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    Range: >=4.3,<6.6.96

Patches

4
c5734f9bab6f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
aefd0a935625
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
aa382a8b6ed4
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
471db2c2d4f8
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

News mentions

0

No linked articles in our index yet.