CVE-2025-39675
BaseFortify
Publication date: 2025-09-05
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.1.153 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's drm/amd/display component where the function mod_hdcp_hdcp1_create_session() calls get_first_active_display() without checking if the returned pointer is null. If the display list is empty, get_first_active_display() returns a null pointer, leading to a null pointer dereference which can cause a system crash or instability. The fix adds a null pointer check and returns an error status if no active display is found.
How can this vulnerability impact me? :
The vulnerability can cause a null pointer dereference in the Linux kernel, potentially leading to system crashes or instability when the display list is empty. This could disrupt normal system operations or cause denial of service conditions.