CVE-2025-39675
05.09.2025, 18:15
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()
The function mod_hdcp_hdcp1_create_session() calls the function
get_first_active_display(), but does not check its return value.
The return value is a null pointer if the display list is empty.
This will lead to a null pointer dereference.
Add a null pointer check for get_first_active_display() and return
MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null.
This is similar to the commit c3e9826a2202
("drm/amd/display: Add null pointer check for get_first_active_display()").
(cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893)Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 5.8 ≤ 𝑥 < 5.15.190 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.149 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.6.103 |
| linux | linux_kernel | 6.7 ≤ 𝑥 < 6.12.44 |
| linux | linux_kernel | 6.13 ≤ 𝑥 < 6.16.4 |
| linux | linux_kernel | 6.17:rc1 |
| linux | linux_kernel | 6.17:rc2 |
| debian | debian_linux | 11.0 |
𝑥
= Vulnerable software versions
Debian Releases
Common Weakness Enumeration
References