CVE-2025-38362

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38362

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38362.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38362

Downstream

BELL-CVE-2025-38362

DEBIAN-CVE-2025-38362

DSA-5973-1

ECHO-d28e-921b-8750

OESA-2025-1959

OESA-2025-1960

OESA-2025-1961

OESA-2025-1963

OESA-2025-1964

SUSE-SU-2025:02853-1

SUSE-SU-2025:02923-1

SUSE-SU-2025:02969-1

SUSE-SU-2025:03023-1

UBUNTU-CVE-2025-38362

USN-7774-1

USN-7774-2

USN-7774-3

USN-7775-1

USN-7776-1

Related

Published

2025-07-25T13:15:25Z

Modified

2025-08-12T21:01:38Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null pointer check for getfirstactive_display()

The function modhdcphdcp1enableencryption() calls the function getfirstactivedisplay(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference in modhdcphdcp2enable_encryption().

Add a null pointer check for getfirstactivedisplay() and return MODHDCPSTATUSDISPLAYNOTFOUND if the function return null.

References

Affected packages