CVE Catalog

CVE-2025-71315

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile - higher than 6% of all known CVEs

Summary

In the Linux kernel, a vulnerability in the DRM vkms driver was fixed by replacing the custom vblank timer with the DRM implementation. The flaw could cause incorrect vertical synchronization behavior.

Risk Assessment

The risk for the organization includes potential graphics disruptions on systems using vkms, affecting stability in virtual or test environments.

Recommendation

Immediately update the Linux kernel to a version containing the fix (commit in drm/vkms) and monitor for vblank-related error messages.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer macros, so remove the corresponding hrtimer in struct vkms_output. The vblank timer calls vkms' custom timeout code via handle_vblank_timeout in struct drm_crtc_helper_funcs.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS