CVE-2025-38436

When an entity from application B is killed, drmschedentitykill() removes all jobs belonging to that entity through drmschedentitykilljobswork(). If application A's job depends on a scheduled fence from application B's job, and that fence is not properly signaled during the killing process, application A's dependency cannot be cleared.

This leads to application A hanging indefinitely while waiting for a dependency that will never be resolved. Fix this issue by ensuring that scheduled fences are properly signaled when an entity is killed, allowing dependent applications to continue execution.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38436.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a72ce6f84109c1dec1ab236d65979d3250668af3

Fixed

8342127a8a65b0673863b106ce32b79c91ae3270

Fixed

c5734f9bab6f0d40577ad0633af4090a5fda2407

Fixed

aefd0a935625165a6ca36d0258d2d053901555df

Fixed

aa382a8b6ed483e9812d0e63b6d1bdcba0186f29

Fixed

471db2c2d4f80ee94225a1ef246e4f5011733e50

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38436.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.3.0

Fixed

6.1.169

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.96

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.36

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.15.5

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38436.json"