A vulnerability has been found in Linux Kernel up to 6.15.3/6.16-rc2 and classified as critical. This vulnerability affects the function
r535_gsp_rpc_push
of the component nouveau. The manipulation leads to use after free.
This vulnerability was named CVE-2025-38187. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.