CVE-2025-38409 in Linux

Summary

by MITRE • 07/25/2025

In the Linux kernel, the following vulnerability has been resolved:

drm/msm: Fix another leak in the submit error path

put_unused_fd() doesn't free the installed file, if we've already done fd_install(). So we need to also free the sync_file.

Patchwork: https://patchwork.freedesktop.org/patch/653583/

Analysis

by VulDB Data Team • 01/03/2026

The vulnerability identified as CVE-2025-38409 represents a memory leak issue within the Linux kernel's graphics subsystem, specifically affecting the drm/msm driver component. This flaw manifests in the error handling path during GPU command submission operations, where improper resource cleanup leads to persistent memory allocation. The vulnerability occurs within the Direct Rendering Manager framework that manages graphics hardware access in Linux systems, particularly impacting mobile and embedded systems utilizing Qualcomm Snapdragon chipsets through the msm (Mobile Side Module) driver implementation.

The technical root cause stems from improper file descriptor management during error conditions in the GPU submission pathway. When the kernel encounters an error during command submission, it attempts to clean up allocated resources through put_unused_fd() function calls. However, this function fails to properly release file descriptors that have already been installed via fd_install() calls, leaving sync_file objects in memory. This creates a resource leak where file descriptor references persist even after the submission operation has failed, leading to gradual memory consumption over time. The issue is particularly concerning in embedded systems where memory resources are limited and continuous operation is expected.
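
The error path described above, as a small user-space C model added here for illustration (it is not the kernel's or the driver's code): the model_* helpers only echo the names of the kernel functions, their bodies are assumptions, and the failure is constructed. It counts how many file objects stay allocated after repeated failed submissions, with and without the extra release of the sync_file.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
/* User-space model: names echo the kernel helpers, bodies are assumptions. */
#define MAX_FDS 8
struct model_file { int refcount; int fd; };
static bool fd_reserved[MAX_FDS];  /* fd numbers currently handed out */
static int live_files;             /* file objects allocated and not yet freed */
static int model_get_unused_fd(void) {
    for (int fd = 0; fd < MAX_FDS; fd++)
        if (!fd_reserved[fd]) { fd_reserved[fd] = true; return fd; }
    return -1;
}
static struct model_file *model_sync_file_create(void) {
    struct model_file *f = calloc(1, sizeof(*f));
    if (f) { f->refcount = 1; f->fd = -1; live_files++; }
    return f;
}
static void model_fd_install(int fd, struct model_file *f) { f->fd = fd; }
/* Gives the number back; does nothing to the file object. */
static void model_put_unused_fd(int fd) { fd_reserved[fd] = false; }
static void model_fput(struct model_file *f) {
    if (--f->refcount == 0) { live_files--; free(f); }
}
int reserved_fds(void) {
    int n = 0;
    for (int fd = 0; fd < MAX_FDS; fd++) n += fd_reserved[fd];
    return n;
}
/* Fail `submits` times after the fence fd was installed; return objects left allocated. */
int leaked_after(int submits, bool with_fix) {
    int before = live_files;
    for (int i = 0; i < submits; i++) {
        int fd = model_get_unused_fd();
        struct model_file *sync_file = model_sync_file_create();
        if (fd < 0 || !sync_file) return -1;
        model_fd_install(fd, sync_file);
        int ret = -1;                    /* constructed failure after install */
        if (ret && fd >= 0) {
            model_put_unused_fd(fd);     /* original cleanup: number only */
            if (with_fix) model_fput(sync_file); /* fix: free the sync_file too */
        }
    }
    return live_files - before;
}
int main(void) {
    printf("unfixed: %d leaked, fds reserved: %d\n", leaked_after(100, false), reserved_fds());
    printf("fixed: %d leaked\n", leaked_after(100, true));
    return 0;
}
```

In the unfixed run every fd number is returned to the pool, so the fd table looks clean while one object per failed submission remains allocated.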

The operational impact of this vulnerability extends beyond simple memory consumption, as it can lead to system instability and performance degradation over extended periods of GPU usage. Systems utilizing the affected drm/msm driver may experience progressive memory exhaustion, potentially leading to system crashes or forced reboots when memory resources become depleted. This vulnerability affects devices running Linux kernels with the msm graphics driver, including smartphones, tablets, and embedded systems that rely on Qualcomm's GPU hardware for graphics processing. The leak is particularly problematic in environments with frequent GPU command submissions, such as gaming applications, multimedia processing, or continuous graphics rendering scenarios.

Mitigation strategies for this vulnerability involve applying the upstream kernel patch that corrects the resource cleanup logic in the error handling path. System administrators should ensure their Linux kernel versions include the fix from the referenced Patchwork link, which properly handles the synchronization file cleanup when file descriptors have already been installed. Organizations should prioritize kernel updates, particularly in production environments where continuous GPU usage occurs, and implement monitoring for memory consumption patterns that might indicate resource leaks. The vulnerability aligns with CWE-404, which addresses improper resource management, and could potentially be leveraged by attackers to perform resource exhaustion attacks under specific conditions. Additionally, this issue relates to ATT&CK technique T1499.001, which covers resource exhaustion attacks that can be facilitated by memory leaks in system components.

Responsible

Linux

Reservation

04/16/2025

Disclosure

07/25/2025

Moderation

accepted

CPE

ready

EPSS

0.00156

KEV

no

Activities

very low
