CVE-2025-71315
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk6th percentile - higher than 6% of all known CVEs
Summary
In the Linux kernel, a vulnerability in the DRM vkms driver was fixed by replacing the custom vblank timer with the DRM implementation. The flaw could cause incorrect vertical synchronization behavior.
Risk Assessment
The risk for the organization includes potential graphics disruptions on systems using vkms, affecting stability in virtual or test environments.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit in drm/vkms) and monitor for vblank-related error messages.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer macros, so remove the corresponding hrtimer in struct vkms_output. The vblank timer calls vkms' custom timeout code via handle_vblank_timeout in struct drm_crtc_helper_funcs.

