CVE-2025-38521
- Source
- https://cve.org/CVERecord?id=CVE-2025-38521
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38521.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38521
- Downstream
- Related
- Published
- 2025-08-16T10:55:08.373Z
- Modified
- 2026-03-20T12:42:53.743301Z
- Summary
- drm/imagination: Fix kernel crash when hard resetting the GPU
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/imagination: Fix kernel crash when hard resetting the GPU
The GPU hard reset sequence calls pmruntimeforcesuspend() and pmruntimeforceresume(), which according to their documentation should only be used during system-wide PM transitions to sleep states.
The main issue though is that depending on some internal runtime PM state as seen by pmruntimeforcesuspend() (whether the usage count is <= 1), pmruntimeforceresume() might not resume the device unless needed. If that happens, the runtime PM resume callback pvrpowerdevice_resume() is not called, the GPU clocks are not re-enabled, and the kernel crashes on the next attempt to access GPU registers as part of the power-on sequence.
Replace calls to pmruntimeforcesuspend() and pmruntimeforceresume() with direct calls to the driver's runtime PM callbacks, pvrpowerdevicesuspend() and pvrpowerdeviceresume(), to ensure clocks are re-enabled and avoid the kernel crash.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38521.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/9f852d301f642223c4798f3c13ba15e91165d078
- https://git.kernel.org/stable/c/d38376b3ee48d073c64e75e150510d7e6b4b04f7
- https://git.kernel.org/stable/c/e066cc6e0f094ca2120f1928d126d56f686cd73e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38521.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38521
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git