SB2025052177 - Resource management error in Linux kernel drm nouveau driver
Published: May 21, 2025 Updated: May 21, 2025
Security Bulletin ID
SB2025052177
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2025-37930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nouveau_fence_context_kill() function in drivers/gpu/drm/nouveau/nouveau_fence.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0453825167ecc816ec15c736e52316f69db0deb9
- https://git.kernel.org/stable/c/126f5c6e0cb84e5c6f7a3a856d799d85668fb38e
- https://git.kernel.org/stable/c/2ec0f5f6d4768f292c8406ed92fa699f184577e5
- https://git.kernel.org/stable/c/47ca11836c35c5698088fd87f7fb4b0ffa217e17
- https://git.kernel.org/stable/c/b771b2017260ffc3a8d4e81266619649bffcb242
- https://git.kernel.org/stable/c/bbe5679f30d7690a9b6838a583b9690ea73fe0e9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.182
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.138
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.28
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.14.6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.90