cve 2025 38095

CVE-2025-38095 is a Linux kernel vulnerability in the dma-buf reservation (dma-resv) code, involving a race or ordering bug that could cause a null-pointer dereference. The fix adds an explicit memory barrier before updating the internal fence count (num_fences) to prevent readers from seeing a partially initialized fence list. Vendors and major distributions have applied the stable commit and published advisories. This tag covers discussions about the vulnerability, its technical details, and the kernel patch that resolves it.