In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix taking invalid lock on wedge
If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the following splat:
[] xe 0000:bf:00.0: [drm] device wedged, needs recovery
[] ------------[ cut here ]------------
[] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
[] WARNING: CPU: 48 PID: 312 at kernel/locking/mutex.c:564 __mutex_lock+0x8a1/0xe60
...
[] RIP: 0010:__mutex_lock+0x8a1/0xe60
[] mutex_lock_nested+0x1b/0x30
[] xe_guc_submit_wedge+0x80/0x2b0 [xe]
[
{
"signature_type": "Line",
"id": "CVE-2025-38353-06bf4d55",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_types.h"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e1981b16bb1bbe2fafa57ed439b45cb5b34e32d",
"digest": {
"threshold": 0.9,
"line_hashes": [
"176367917451052019795346619779272027721",
"192134114295070644930004646847140015550",
"243047994000148959331856964867819931843",
"49287321508476245804979154671804253148"
]
}
},
{
"signature_type": "Line",
"id": "CVE-2025-38353-1fa91bc2",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_types.h"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a6d81b2d7037ef36163ad16459ed3fd17cb1b596",
"digest": {
"threshold": 0.9,
"line_hashes": [
"176367917451052019795346619779272027721",
"192134114295070644930004646847140015550",
"243047994000148959331856964867819931843",
"49287321508476245804979154671804253148"
]
}
},
{
"signature_type": "Line",
"id": "CVE-2025-38353-30a992ac",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a6d81b2d7037ef36163ad16459ed3fd17cb1b596",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78986327377411830002616635763639301042",
"313460422509418603645115371189017319388",
"208750006990799877795608587532877092630",
"45697117209037727386618249107974760667",
"91091224600260076824976307695713486135",
"58208448147810463024655747867858573757"
]
}
},
{
"signature_type": "Line",
"id": "CVE-2025-38353-3d4bf289",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_types.h"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20eec7018e132a023f84ccbdf56b6c5b73d3094f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"176367917451052019795346619779272027721",
"192134114295070644930004646847140015550",
"243047994000148959331856964867819931843",
"49287321508476245804979154671804253148"
]
}
},
{
"signature_type": "Line",
"id": "CVE-2025-38353-74dfe40d",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e1981b16bb1bbe2fafa57ed439b45cb5b34e32d",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78986327377411830002616635763639301042",
"313460422509418603645115371189017319388",
"208750006990799877795608587532877092630",
"45697117209037727386618249107974760667",
"91091224600260076824976307695713486135",
"58208448147810463024655747867858573757"
]
}
},
{
"signature_type": "Function",
"id": "CVE-2025-38353-7579c19a",
"target": {
"function": "xe_guc_submit_init",
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20eec7018e132a023f84ccbdf56b6c5b73d3094f",
"digest": {
"function_hash": "125542658581198014598609089712452511566",
"length": 568.0
}
},
{
"signature_type": "Line",
"id": "CVE-2025-38353-7a1cd637",
"target": {
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@20eec7018e132a023f84ccbdf56b6c5b73d3094f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78986327377411830002616635763639301042",
"313460422509418603645115371189017319388",
"208750006990799877795608587532877092630",
"45697117209037727386618249107974760667",
"91091224600260076824976307695713486135",
"58208448147810463024655747867858573757"
]
}
},
{
"signature_type": "Function",
"id": "CVE-2025-38353-804211da",
"target": {
"function": "xe_guc_submit_init",
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1e1981b16bb1bbe2fafa57ed439b45cb5b34e32d",
"digest": {
"function_hash": "125542658581198014598609089712452511566",
"length": 568.0
}
},
{
"signature_type": "Function",
"id": "CVE-2025-38353-b3642547",
"target": {
"function": "xe_guc_submit_init",
"file": "drivers/gpu/drm/xe/xe_guc_submit.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a6d81b2d7037ef36163ad16459ed3fd17cb1b596",
"digest": {
"function_hash": "125542658581198014598609089712452511566",
"length": 568.0
}
}
]