CVE-2025-21985 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses [WHAT & HOW] hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4), but location can have size up to 6. As a result, it is necessary to check location against MAX_HPO_DP2_ENCODERS. Similiarly, disp_cfg_stream_location can be used as an array index which should be 0..5, so the ASSERT's conditions should be less without equal.

PUBLISHED Reserved 2024-12-29 | Published 2025-04-01 | Updated 2025-07-11 | Assigner Linux

Product status

Default status

unaffected

4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c (git) before 36793d90d76f667d26c6dd025571481ee0c96abc

affected

4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c (git) before 9aedc776b11038f04f4641241bb7e877781e4aa4

affected

4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c (git) before 8adbb2a98b00926315fd513b5fe2596b5716b82d

affected

Default status

affected

4.15

affected

Any version before 4.15

unaffected

6.12.20 (semver)

unaffected

6.13.8 (semver)

unaffected

6.14 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/36793d90d76f667d26c6dd025571481ee0c96abc

git.kernel.org/...c/9aedc776b11038f04f4641241bb7e877781e4aa4

git.kernel.org/...c/8adbb2a98b00926315fd513b5fe2596b5716b82d

cve.org (CVE-2025-21985)

nvd.nist.gov (CVE-2025-21985)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.

help @ threatint.eu