CVE-2025-38362

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-38362
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38362.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-38362
Downstream
Related
Published
2025-07-25T12:47:33.035Z
Modified
2025-11-28T02:35:28.487594Z
Summary
drm/amd/display: Add null pointer check for get_first_active_display()
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null pointer check for getfirstactive_display()

The function modhdcphdcp1enableencryption() calls the function getfirstactivedisplay(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference in modhdcphdcp2enable_encryption().

Add a null pointer check for getfirstactivedisplay() and return MODHDCPSTATUSDISPLAYNOTFOUND if the function return null.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38362.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2deade5ede56581722c0d7672f28b09548dc0fc4
Fixed
34d3e10ab905f06445f8dbd8a3d9697095e71bae
Fixed
1ebcdf38887949def1a553ff3e45c98ed95a3cd0
Fixed
5148c7ea69e9c5bf2f05081190f45ba96d3d1e7a
Fixed
4ce9f2dc9ff7cc410e8c5d936ec551e26b9599a9
Fixed
b3005145eab98d36777660b8893466e4f630ae1c
Fixed
c3e9826a22027a21d998d3e64882fa377b613006

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.8.0
Fixed
5.15.187
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.143
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.96
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.36
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.15.5