CVE-2025-39675

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-39675
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39675.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-39675
Downstream
Related
Published
2025-09-05T17:20:41.179Z
Modified
2026-03-12T02:15:29.789222Z
Summary
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Add null pointer check in modhdcphdcp1createsession()

The function modhdcphdcp1createsession() calls the function getfirstactive_display(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference.

Add a null pointer check for getfirstactivedisplay() and return MODHDCPSTATUSDISPLAYNOTFOUND if the function return null.

This is similar to the commit c3e9826a2202 ("drm/amd/display: Add null pointer check for getfirstactive_display()").

(cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893)

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/39xxx/CVE-2025-39675.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2deade5ede56581722c0d7672f28b09548dc0fc4
Fixed
2af45aadb7b5d3852c76e2d1e985289ada6f48bf
Fixed
ee0373b20bb67b1f00a1b25ccd24c8ac996b6446
Fixed
857b8387a9777e42b36e0400be99b54c251eaf9a
Fixed
97fc94c5fd3c6ac5a13e457d38ee247737b8c4bd
Fixed
2ee86b764c54e0d6a5464fb023b630fdf20869cd
Fixed
7a2ca2ea64b1b63c8baa94a8f5deb70b2248d119

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-39675.json"