{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "a3707f53eb3f4f3e7a30d720be0885f813d649bb"
            },
            {
              "fixed": "5f2be12442db6a2904e6e31b0e3b5ad5aebf868b"
            },
            {
              "fixed": "fe69a391808404977b1f002a6e7447de3de7a88e"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38596.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code\n\nThe object is potentially already gone after the drm_gem_object_put().\nIn general the object should be fully constructed before calling\ndrm_gem_handle_create(), except the debugfs tracking uses a separate\nlock and list and separate flag to denotate whether the object is\nactually initialized.\n\nSince I'm touching this all anyway simplify this by only adding the\nobject to the debugfs when it's ready for that, which allows us to\ndelete that separate flag. panthor_gem_debugfs_bo_rm() already checks\nwhether we've actually been added to the list or this is some error\npath cleanup.\n\nv2: Fix build issues for !CONFIG_DEBUGFS (Adrián)\n\nv3: Add linebreak and remove outdated comment (Liviu)",
  "id": "CVE-2025-38596",
  "modified": "2026-04-01T23:10:37.808266581Z",
  "published": "2025-08-19T17:03:26.445Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5f2be12442db6a2904e6e31b0e3b5ad5aebf868b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe69a391808404977b1f002a6e7447de3de7a88e"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38596.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38596"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "summary": "drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code"
}