{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-38093", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.984Z", "datePublished": "2025-07-02T14:43:31.415Z", "dateUpdated": "2025-07-02T14:43:31.415Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-02T14:43:31.415Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: qcom: x1e80100: Add GPU cooling\n\nUnlike the CPU, the GPU does not throttle its speed automatically when it\nreaches high temperatures. With certain high GPU loads it is possible to\nreach the critical hardware shutdown temperature of 120\u00b0C, endangering the\nhardware and making it impossible to run certain applications.\n\nSet up GPU cooling similar to the ACPI tables, by throttling the GPU speed\nwhen reaching 95\u00b0C and polling every 200ms."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/arm64/boot/dts/qcom/x1e80100.dtsi"], "versions": [{"version": "721e38301b79a6ee8375cb0ebd586699a7f353e3", "lessThan": "cd9d354bdd28b20a8f3170dab3bc0f096e66d6b4", "status": "affected", "versionType": "git"}, {"version": "721e38301b79a6ee8375cb0ebd586699a7f353e3", "lessThan": "ae664ca09072857349857530dce12e09c048b12d", "status": "affected", "versionType": "git"}, {"version": "721e38301b79a6ee8375cb0ebd586699a7f353e3", "lessThan": "d145a6a3e252f093dc243d2944fecb2387a3d690", "status": "affected", "versionType": "git"}, {"version": "721e38301b79a6ee8375cb0ebd586699a7f353e3", "lessThan": "5ba21fa11f473c9827f378ace8c9f983de9e0287", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/arm64/boot/dts/qcom/x1e80100.dtsi"], "versions": [{"version": "6.11", "status": "affected"}, {"version": "0", "lessThan": "6.11", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.34", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14.10", "lessThanOrEqual": "6.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.1", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16-rc1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.12.34"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.14.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.15.1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.11", "versionEndExcluding": "6.16-rc1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cd9d354bdd28b20a8f3170dab3bc0f096e66d6b4"}, {"url": "https://git.kernel.org/stable/c/ae664ca09072857349857530dce12e09c048b12d"}, {"url": "https://git.kernel.org/stable/c/d145a6a3e252f093dc243d2944fecb2387a3d690"}, {"url": "https://git.kernel.org/stable/c/5ba21fa11f473c9827f378ace8c9f983de9e0287"}], "title": "arm64: dts: qcom: x1e80100: Add GPU cooling", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: qcom: x1e80100: Add GPU cooling\n\nUnlike the CPU, the GPU does not throttle its speed automatically when it\nreaches high temperatures. With certain high GPU loads it is possible to\nreach the critical hardware shutdown temperature of 120\u00b0C, endangering the\nhardware and making it impossible to run certain applications.\n\nSet up GPU cooling similar to the ACPI tables, by throttling the GPU speed\nwhen reaching 95\u00b0C and polling every 200ms."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: arm64: dts: qcom: x1e80100: A\u00f1adir refrigeraci\u00f3n de la GPU. A diferencia de la CPU, la GPU no reduce su velocidad autom\u00e1ticamente al alcanzar altas temperaturas. Con ciertas cargas altas de la GPU, es posible alcanzar la temperatura cr\u00edtica de apagado del hardware de 120 \u00b0C, lo que pone en peligro el hardware e imposibilita la ejecuci\u00f3n de ciertas aplicaciones. Configure la refrigeraci\u00f3n de la GPU de forma similar a las tablas ACPI, limitando la velocidad de la GPU al alcanzar los 95 \u00b0C y realizando un sondeo cada 200 ms."}], "id": "CVE-2025-38093", "lastModified": "2025-07-03T15:13:53.147", "metrics": {}, "published": "2025-07-02T15:15:26.317", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5ba21fa11f473c9827f378ace8c9f983de9e0287"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ae664ca09072857349857530dce12e09c048b12d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cd9d354bdd28b20a8f3170dab3bc0f096e66d6b4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d145a6a3e252f093dc243d2944fecb2387a3d690"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: arm64: dts: qcom: x1e80100: Add GPU cooling", "id": "2375916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375916"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-38093", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-38093\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-38093\nhttps://lore.kernel.org/linux-cve-announce/2025070237-CVE-2025-38093-a615@gregkh/T"], "threat_severity": "Moderate"}