CVE-2025-39820
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-12-02
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.15 (inc) to 6.16.5 (exc) |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
| linux | linux_kernel | 6.17 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference issue in the Linux kernel's drm/msm/dpu component. Specifically, the function drm_atomic_get_new_connector_state() can return NULL if the connector is not part of the atomic state, and the code did not check for this NULL value before using it. This could cause the kernel to dereference a NULL pointer, potentially leading to a crash or other unintended behavior. The fix adds a null pointer check to prevent this.
How can this vulnerability impact me? :
The vulnerability can cause a NULL pointer dereference in the Linux kernel, which may lead to a system crash or instability when the drm/msm/dpu driver is used. This could result in denial of service or unexpected behavior on affected systems.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that adds a null pointer check for dpu_encoder_needs_modeset in the drm/msm/dpu component of the Linux kernel to prevent NULL pointer dereference. This patch follows the pattern used in dpu_encoder_update_topology and ensures drm_atomic_get_new_connector_state() is checked for NULL before use.