CVE-2025-38080 — Linux vulnerability
50 documents7 sources
Severity
5.5MEDIUMNVD
OSV3.2
EPSS
0.1%
top 80.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 18
Latest updateMar 25
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Increase block_sequence array size
[Why]
It's possible to generate more than 50 steps in hwss_build_fast_sequence,
for example with a 6-pipe asic where all pipes are in one MPC chain. This
overflows the block_sequence buffer and corrupts block_sequence_steps,
causing a crash.
[How]
Expand block_sequence to 100 items. A naive upper bound on the possible
number of steps for a 6-pipe asic, ignoring the potential…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6