CVE-2025-38360
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-11-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the drm/amd/display component where, for non-zero DSC (Display Stream Compression) instances, the required HUBP domain to drive sequential ONO ASICs may not be properly powered. This can cause the logic tile to enter an undefined state, potentially leading to a system hang. The fix involved adding more checks to ensure the HUBP domain matching the DSC instance is appropriately powered.
How can this vulnerability impact me? :
The vulnerability can cause the system to hang due to the logic tile entering an undefined state when the HUBP domain is not properly powered for certain DSC instances. This can lead to system instability or crashes.
What immediate steps should I take to mitigate this vulnerability?
Apply the updated Linux kernel patch that includes the additional checks for DSC / HUBP ONO guarantees to ensure the HUBP domain is appropriately powered, preventing the system hang caused by the undefined state.