CVE-2025-39675
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/09/2025
Last modified:
08/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()<br />
<br />
The function mod_hdcp_hdcp1_create_session() calls the function<br />
get_first_active_display(), but does not check its return value.<br />
The return value is a null pointer if the display list is empty.<br />
This will lead to a null pointer dereference.<br />
<br />
Add a null pointer check for get_first_active_display() and return<br />
MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.<br />
<br />
This is similar to the commit c3e9826a2202<br />
("drm/amd/display: Add null pointer check for get_first_active_display()").<br />
<br />
(cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893)
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2af45aadb7b5d3852c76e2d1e985289ada6f48bf
- https://git.kernel.org/stable/c/2ee86b764c54e0d6a5464fb023b630fdf20869cd
- https://git.kernel.org/stable/c/7a2ca2ea64b1b63c8baa94a8f5deb70b2248d119
- https://git.kernel.org/stable/c/857b8387a9777e42b36e0400be99b54c251eaf9a
- https://git.kernel.org/stable/c/97fc94c5fd3c6ac5a13e457d38ee247737b8c4bd
- https://git.kernel.org/stable/c/ee0373b20bb67b1f00a1b25ccd24c8ac996b6446