CVE-2025-21968

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21968
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21968.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21968
Downstream
Related
Published
2025-04-01T15:47:02.909Z
Modified
2026-05-15T11:53:24.851619531Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
drm/amd/display: Fix slab-use-after-free on hdcp_work
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix slab-use-after-free on hdcp_work

[Why] A slab-use-after-free is reported when HDCP is destroyed but the propertyvalidatedwork queue is still running.

[How] Cancel the delayed work when destroying workqueue.

(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21968.json"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.236
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.180
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.132
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.84
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.20
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21968.json"