CVE-2025-38596

Severity CVSS v4.0: Pending analysis
Type: CWE-416 Use After Free
Publication date: 19/08/2025
Last modified: 26/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code

The object is potentially already gone after the drm_gem_object_put(). In general the object should be fully constructed before calling drm_gem_handle_create(), except the debugfs tracking uses a separate lock and list and separate flag to denotate whether the object is actually initialized.

Since I'm touching this all anyway simplify this by only adding the object to the debugfs when it's ready for that, which allows us to delete that separate flag. panthor_gem_debugfs_bo_rm() already checks whether we've actually been added to the list or this is some error path cleanup.

v2: Fix build issues for !CONFIG_DEBUGFS (Adrián)

v3: Add linebreak and remove outdated comment (Liviu)

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:6.16:*:*:*:*:*:*:*