CVE-2025-38036

{"id": "CVE-2025-38036", "cveTags": [], "metrics": {}, "published": "2025-06-18T10:15:35.897", "references": [{"url": "https://git.kernel.org/stable/c/13265fe7426ec9ba5aa86baab913417ca361e8a4", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ef6e950aea76a5009ccc79ebfa955ecc66cd85a2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vf: Perform early GT MMIO initialization to read GMDID\n\nVFs need to communicate with the GuC to obtain the GMDID value\nand existing GuC functions used for that assume that the GT has\nit's MMIO members already setup. However, due to recent refactoring\nthe gt->mmio is initialized later, and any attempt by the VF to use\nxe_mmio_read|write() from GuC functions will lead to NPD crash due\nto unset MMIO register address:\n\n[] xe 0000:00:02.1: [drm] Running in SR-IOV VF mode\n[] xe 0000:00:02.1: [drm] GT0: sending H2G MMIO 0x5507\n[] BUG: unable to handle page fault for address: 0000000000190240\n\nSince we are already tweaking the id and type of the primary GT to\nmimic it's a Media GT before initializing the GuC communication,\nwe can also call xe_gt_mmio_init() to perform early setup of the\ngt->mmio which will make those GuC functions work again."}], "lastModified": "2025-06-18T13:46:52.973", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}