| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025070935-CVE-2025-38254-7416@gregkh> Date: Wed, 9 Jul 2025 12:42:46 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-38254: drm/amd/display: Add sanity checks for drm_edid_raw() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add sanity checks for drm_edid_raw() When EDID is retrieved via drm_edid_raw(), it doesn't guarantee to return proper EDID bytes the caller wants: it may be either NULL (that leads to an Oops) or with too long bytes over the fixed size raw_edid array (that may lead to memory corruption). The latter was reported actually when connected with a bad adapter. Add sanity checks for drm_edid_raw() to address the above corner cases, and return EDID_BAD_INPUT accordingly. (cherry picked from commit 648d3f4d209725d51900d6a3ed46b7b600140cdf) The Linux kernel CVE team has assigned CVE-2025-38254 to this issue. Affected and fixed versions =========================== Issue introduced in 6.13 with commit 48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e and fixed in 6.15.5 with commit 4b63507d7cd243574753c6b91f68516d9103f1de Issue introduced in 6.13 with commit 48edb2a4256eedf6c92eecf2bc7744e6ecb44b5e and fixed in 6.16-rc4 with commit 6847b3b6e84ef37451c074e6a8db3fbd250c8dbf Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-38254 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/4b63507d7cd243574753c6b91f68516d9103f1de https://git.kernel.org/stable/c/6847b3b6e84ef37451c074e6a8db3fbd250c8dbf
Powered by blists - more mailing lists