A vulnerability has been found in Linux Kernel up to 6.15.3/6.16-rc2 and classified as critical. This vulnerability affects the function r535_gsp_rpc_push of the component nouveau. The manipulation leads to use after free.

This vulnerability was named CVE-2025-38187. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.