CVE-2025-21780

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21780
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21780.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21780
Downstream
Related
Published
2025-02-27T02:18:23.543Z
Modified
2026-05-28T03:55:51.336443084Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: avoid buffer overflow attach in smusyssetpptable()

It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smusyssetpptable().

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21780.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
137d63abbf6a0859e79b662e81d21170ecb75e59
Fixed
3484ea33157bc7334f57e64826ec5a4bf992151a
Fixed
e43a8b9c4d700ffec819c5043a48769b3e7d9cab
Fixed
2498d2db1d35e88a2060ea191ae75dce853dd084
Fixed
231075c5a8ea54f34b7c4794687baa980814e6de
Fixed
1abb2648698bf10783d2236a6b4a7ca5e8021699

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21780.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.2.0
Fixed
6.1.129
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.79
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.16
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21780.json"